programming.

We start with the What’s New section, where J. 
Sipos shares with you his thoughts on a turnkey server 
made with OpenBSD. 

Then, Mohamed Farag describes the overall process 
of developing and applying different security policies 
within the FreeBSD kernel under the TrustedBSD MAC 
Security Framework. 

Next, Alexandro Silva talks a bit about Nginx, which is
a lightweight and powerful HTTP proxy, and Naxsi, which
is an Nginx Web Application Firewall.
Let’s Talk


An Eye For An Eye Soon Leads To Blindness
By Rob Somerville 
Former National Security Agency contractor, Edward 
Snowden, has created worldwide controversy by leaking 
United States secrets to British and American newspapers. 
While Snowden seeks permanent asylum, the US bans 
access to the UK Guardian newspaper for US troops. This 
follows in the footsteps of the Stuxnet attack on Iranian 
nuclear infrastructure. Are we at war on the web? 


What’s New 


MaheshaOpenBSD - OpenBSD In A Serpent World
By Juraj Sipos 
The article focuses on a turnkey server made with 
OpenBSD. This is available as a USB image that can 
be immediately deployed in the SOHO (Small Office — 
Home Office) environment. MaheshaOpenBSD Server is 
a flavor of the MaheshaBSD Server, originally based on 
FreeBSD, that runs on OpenBSD 5.2 and was released 
on April 5, 2013. 





Security Policy Development in TrustedBSD MAC Framework
By Mohamed Farag 
Trusted Operating Systems are the next level of system 
security. They offer both new security features and a 
high assurance of successful implementation. Trusted 
systems differ from secure systems in many principles. 
Trusted Systems established the concept of “ranking”
systems with different degrees of trustworthiness. In such 
systems, users decide on trustworthiness and make a 
judgment based on the security of systems. Operating 
systems have to implement security policies, and different 
mechanisms are used to enforce such policies. There are 
various operating system security policies such as the 
Massachusetts Library System (MLS) and Biba, which 
was developed by Kenneth J. Biba. This article describes 
the overall process of developing and applying different 
security policies within the FreeBSD kernel under the 
TrustedBSD MAC Security Framework. 


Using Nginx and Naxsi for Security and High Availability
By Alexandro Silva 
Nginx is a lightweight and powerful HTTP proxy, mail proxy, 
and reverse proxy server for UNIX-like systems that can 
also be used as an excellent High Availability (HA) and 
cluster system. Naxsi is an Nginx Web Application Firewall 
(WAF) created to mitigate web application vulnerabilities 
by using an intelligent resource to generate whitelist rules. 


Admin 


FreeBSD Programming Primer — Part 6
By Rob Somerville
In the sixth part of our series on programming, we will design a basic menu navigation system and style it with CSS.


Cryptography 


Elliptic Curve Cryptography and Basic Applications in BSD OS
By Jose B. Alos 
Over the past century, new IT discoveries and top 
technologies have been incorporated into our daily lives. 
As a result, one must decide whether computer security 
is essential or superfluous. In these times, when the 
Internet allows users to communicate easily around the 
world, many people use it to trade in goods or to protect 
against intruders. That's why cryptological techniques and 
algorithms are an essential need. 
An Eye For An Eye Soon Leads To Blindness

Former National Security Agency contractor, Edward Snowden, has created worldwide controversy by leaking United States secrets to British and American newspapers. While Snowden seeks permanent asylum, the US bans access to the UK Guardian newspaper for US troops. This follows in the footsteps of the Stuxnet attack on Iranian nuclear infrastructure. Are we at war on the web?


With human nature being what it is, no technological innovation can remain unsullied from the fingerprints of those with less than pure motives. Pornographers hijacked the fledgling movie industry in the early 20th century and continued with the next innovation, video. The same ethos applies to conmen, thieves, hustlers, fraudsters and many others that inhabit and exploit the power of the Internet. Clearly, there will always be a dark side. This contrasts strongly with the whole idea of the Internet and the World Wide Web being a platform for openness, democracy, free speech, etc.
Then again, there are institutions, schools, corporations, etc. who view the Internet as just an extension to their Local Area Network — joining satellite offices together transparently. While some use the medium to express themselves and communicate, others prefer to watch silently in the background and monitor trends, patterns and metadata. Some attack vulnerable systems for laughs, others for commercial gain. All of this is understood. Where the picture becomes unclear is how much crossover there is between the military and intelligence services (e.g. Defence Advanced Projects Research Agency — DARPA and the National Security Agency — NSA) and the Internet user. Just how much traffic is monitored? Is it content or metadata (e.g. IP address to IP address)? How long is it held for? How much power do the watchers have to examine my traffic, my exchanges in detail? Is this cross-border, across nations?

A lot has changed since the formation of DARPA in 1958. The Cold War is over, and nations, rather than strengthening on the basis of individuality, are coalescing into large trading groups. The world is becoming smaller; consumerism and Western values are penetrating nations who, 50 years ago, would have rejected such principles. With connectivity via satellite, the World Wide Web literally encompasses the whole world, be it urban, suburban or inhospitable jungle or desert. The Internet is not limited to PCs or servers; mobile devices (even domestic appliances and cars) are online. A new generation has embraced social media with gusto, impervious to the fact that in 30 years’ time, the inane, immature and sarcastic will be available to all as well as the more illustrative or insightful. Ironically, while technology seems to have moved forward, the terrorist attacks of 2001 have spawned a culture of security and watchfulness that — it could be argued — is more restrictive than during the 50s or 60s.

Throughout history, the powers that be (TPTB) have always used some method to monitor communications. The meta-data (who called who) for telephone calls in the UK at least, has to be stored for a number of years. Paper mail can be intercepted with a warrant, and the tales of bugs and microphones turning up in embassies throughout the world are legion. Everybody knows that Internet traffic can be easily monitored (ask any webmaster) — the ethical question is “How much can we trust those that watch?” It is all very well to say that if you have nothing to hide, you have nothing to fear, but in intelligence circles, there is no smoke without fire, and guilt by association — while not sufficient evidence to convict in a court of law — could assign an individual's name to some secure database somewhere, with no right of appeal or correction.

The generic term “In the interests of National Security” covers a multitude of sins, and looking to other countries, quite frequently servers in the West will be attacked either for political, espionage or commercial reasons. What might be good for one nation will be bad for another, so the battle rages on, the weapons get bigger, the deployments at the battle-front more numerous. Legal pre-emptive hacking strikes have been written into Singapore law (The Computer Misuse and Cybersecurity Act). We have now entered a vicious cycle of a technological arms race via the Internet and Local Area Networks; penetrating the Iran nuclear facility with the Stuxnet worm — an act considered science fiction during the Cold War — was three years ago. While the delivery vector was probably a USB enabled device, the level of sophistication suggests military, intelligence or criminal origins rather than your run of the mill hacker.

Besides controlling who has access to content, there is the separate issue of what content is acceptable. There used to be a 9pm watershed for all broadcast media — anything that might upset or cause offence could not be televised before then. With the introduction of the VCR and PVR, this control is now obsolete. As for the Internet, it's 24/7 whatever you want. It looks like the argument my father used is appropriate here: “There is always the Off button”. There are already calls for Internet censorship, and like the history of the book, cinema and printing press, we are approaching the time when some web pages will be stacked high, condemned and then publicly burnt. The Internet has suddenly become very political.

The Internet and the World Wide Web as a force for good cannot be denied, yet as a technology, it is still relatively immature. Colour television was available in the 1970’s, but mass adoption of the browser did not happen until 25 years later. What we are experiencing are the growing pains — as the infrastructure becomes more essential to corporations, etc., more regulation will be put into place and in 20 years’ time, the Internet will be a very different place.

As with Wikileaks, the Snowden incident will no doubt take years to come to a legal and political conclusion. Meanwhile, tit-for-tat actions and attacks will continue to escalate whether they come from individual hackers, organised crime, government agencies or the military. We should focus on strengthening infrastructure rather than getting distracted by politicians.

It has always been war on the Internet. It is just that we 
have moved on from using words to throwing rocks, sticks 
and using much larger scale weapons. 


ROB SOMERVILLE 

Rob Somerville has been passionate about technology since his early teens. A keen advocate of open systems since the mid eighties, he has worked in many corporate sectors including finance, automotive, airlines, government and media in a variety of roles from technical support, system administrator, developer, systems integrator and IT manager. He has moved on from CP/M and nixie tubes but keeps a soldering iron handy just in case.
MaheshaOpenBSD - OpenBSD In A Serpent World

The article focuses on a turnkey server made with OpenBSD. This is available as a USB image that can be immediately deployed in the SOHO (Small Office — Home Office) environment. MaheshaOpenBSD Server is a flavor of the MaheshaBSD Server, originally based on FreeBSD, that runs on OpenBSD 5.2 and was released on April 5, 2013.

What you will learn...
• how to set up a quick and secure server for SOHO purposes
• how to use OpenBSD quickly anywhere in the world

This article will teach anybody how to deploy a secure server using OpenBSD on a USB flash drive and how to set up the secure server in a few seconds without installing OpenBSD onto your hard drive.

Welcome Into The World Of Serpents 


An article entitled “MaheshaBSD Server: MySQL and WordPress in FreeBSD” was published in issue 44 of BSD Magazine. Now, the project MaheshaBSD has been extended to all major flavors of BSD distributions including NetBSD, OpenBSD and DragonFlyBSD. Not many BSD systems (like NetBSD) were previously available with pre-installed software as USB images, thus this project has an educational purpose too. At present, the MaheshaBSD Project has two versions:


• General-purpose and free MaheshaBSD USB/CD distribution (FreeBSD, NetBSD, DragonFlyBSD).

• Server version of MaheshaBSD (FreeBSD and OpenBSD), which is free for personal use.


At the time of writing, the MaheshaBSD Project consists of: 


• MaheshaBSD — a general purpose LiveCD distribution based on FreeBSD 9.0-RELEASE.

• MaheshaBSD Server — the same thing as MaheshaBSD, but this is the server version with additional software common to server deployments like WordPress, MySQL, phpMyAdmin, etc. installed. This edition is only available as a USB image.

• MaheshaNetBSD — a general purpose NetBSD USB distribution.

• MaheshaDragonFlyBSD — a general purpose DragonFlyBSD USB distribution.

• MaheshaOpenBSD Server — the subject of this article, an OpenBSD based Mahesha server distribution.

What you should know...
• basic use of OpenBSD
• basic shell commands


Releases of these BSD systems are downloadable (see the 
links). The MaheshaBSD Project is copyrighted software. 


Introduction 

A pre-configured turnkey WordPress / FTP Server on a bootable USB image is not easy to find on the Internet, even on Linux specific sites. MaheshaOpenBSD runs on a writable USB memory stick that can be immediately deployed just by writing the image onto your USB flash drive (at least a 4 GB memory stick is required). The project’s goals are education, simplicity, BSD advocacy, and a focus on poorer countries. The MaheshaBSD slogan is KEEP BSD SIMPLY STUPID AND TANTRIC. Most (if not all) online FTP servers have restrictions and bypassing them requires payment. With MaheshaBSD Server, anybody can use any hard disk and set up their own FTP/WordPress server anywhere in the world. MaheshaBSD Server is a social project too as people can easily share their files. Students may put a link on their personal websites to a MaheshaBSD FTP/WordPress server running at their home and share their files (videos, MP3’s, etc.) with anybody in the world (Figure 1).

MaheshaOpenBSD Server is the same thing as MaheshaBSD Server. Both MaheshaBSD Server (FreeBSD) and MaheshaOpenBSD Server (OpenBSD) will offer users the same functionality — that is, an almost identical desktop interface with IceWM, a turnkey WordPress and FTP server with MySQL. Both systems can also run from a USB flash drive. You can make an ISO image with MaheshaOpenBSD and use it in conjunction with alternate deployment strategies.


A Quick Overview Of MaheshaOpenBSD Server 
MaheshaOpenBSD Server is a server that behaves like any website running on any server that you access on the Internet. You do not need any special knowledge of Unix — you will just log in, copy or remove files, and that’s it (Figure 2).
Figure 1. With MaheshaOpenBSD Server you may watch videos over the network

If you have a Facebook account, nothing will be easier than just sharing a link to this SOHO server (usually it is not easy and definitely not cheap to share tons of files on the Internet). All you need to do is enable the IP Forwarding feature in your router. With a spare notebook, you will have a home server with tons of files that you can instantly share with friends as MaheshaOpenBSD Server does not need any special setup. WordPress behaves the same way as in MaheshaBSD Server (FreeBSD). You can keep your colleagues or family updated with your progress. Provided you ran the dhclient on your network card in MaheshaOpenBSD, the ifconfig command will show you which IP to use. Use this IP in your browser, or alternatively change the hosts file on the computer from which you will access MaheshaOpenBSD Server:


192.168.1.101 manasa 


The hosts file in Windows resides in C:\Windows\System32\drivers\etc (on almost all versions of Windows).

If you edited your hosts file as mentioned above, Apache server will then run on: http://manasa. FTP server will run on: ftp://manasa. WordPress will be accessible at: http://manasa/wordpress (Figure 3).

To listen to audio files or to play video files over the network, you must have the Flash Plugin installed in your browser on the computer from which you will access MaheshaOpenBSD Server. With files converted to the MP4 format, you can start your own SOHO “YouTube” alternative. To convert files to the MP4 format, just use any free online video conversion tool.


Quick Start 
The basic steps detailing how to use this software are described in the README!!!.txt in the RAR file that is available on the Internet at fto://2227.x.rootbsd.net/index.html. Download the image, unrar it and use the following command (OpenBSD) to write it onto your flash drive (assuming the flash drive has been attached to /dev/sd0 — check before executing the command):


dd if=MaheshaOpenBSD.ima of=/dev/sd0 bs=10240 conv=sync 


If you use Windows, use a program such as WinImage.
Boot the image: reboot your computer to ensure that the
USB boot is enabled.
Figure 2. Just replace the Apache server's default files in /var/www/htdocs
Log in to MaheshaOpenBSD Server physically as root with password manasa71 (change the root password as soon as possible). Run the dhclient command to get a new IP address from your local network. For instance, if your network card is fxp0, type the following in your shell: dhclient fxp0. Edit the hosts file on your host computer to add the IP of your MaheshaOpenBSD Server. This will enable you to access MaheshaOpenBSD Server's services (but this is required only for WordPress). That’s all.
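
An added example, not from the MaheshaOpenBSD README: a wrapper around the dd command above that refuses a target with mounted partitions and reads the written blocks back to confirm the write. The function names are made up for this example; the read-back accounts for conv=sync padding the last 10240-byte block with NULs, which makes a plain byte comparison against the image fail.

```shell
#!/bin/sh
# Added example, not from the MaheshaOpenBSD README. Function names are
# made up for this example; the dd parameters are the article's.
# Usage: write_image MaheshaOpenBSD.ima /dev/sd0
BS=10240   # block size from the article's dd command

# Return 0 if mount(8) output on stdin shows disk $1, or one of its
# partitions (letters a-p on OpenBSD), as mounted.
device_in_use() {
    grep -q "^$1[a-p]\{0,1\} on "
}

# Checksum of the image as dd lays it out on the device: conv=sync pads
# the final short block with NULs, so the device holds whole blocks.
padded_image_cksum() {
    dd if="$1" bs="$BS" conv=sync 2>/dev/null | cksum
}

# Checksum of the same number of blocks read back from the target.
readback_cksum() {   # $1 = image, $2 = device
    size=$(wc -c < "$1")
    blocks=$(( ($size + $BS - 1) / $BS ))
    dd if="$2" bs="$BS" count="$blocks" 2>/dev/null | cksum
}

# Return 0 only if the target starts with the padded image.
verify_image_write() {   # $1 = image, $2 = device
    [ "$(padded_image_cksum "$1")" = "$(readback_cksum "$1" "$2")" ]
}

# Write the image with the article's dd parameters, then verify it.
# Return codes: 2 = target mounted, 3 = dd failed, 4 = read-back mismatch.
write_image() {   # $1 = image, $2 = device
    if mount 2>/dev/null | device_in_use "$2"; then
        echo "refusing: $2 has mounted partitions" >&2
        return 2
    fi
    dd if="$1" of="$2" bs="$BS" conv=sync 2>/dev/null || return 3
    if ! verify_image_write "$1" "$2"; then
        echo "read-back mismatch on $2" >&2
        return 4
    fi
}
```
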
Figure 3. The boss account in Windows accessible via samba


How To Use FTP/WWW Server In 
MaheshaOpenBSD Server? 

FTP 

To operate the FTP server immediately, log in to MaheshaOpenBSD Server's vsftpd account via SFTP (password: 71/manageme — passwords for all accounts are in /home/guest5/passes.txt). You may also use a free Windows program like WinSCP (Figure 4).

As you see, WinSCP works very well. Copy anything to the CopyFTPfileHere directory — /home/vsftpd/CopyFTPfileHere, then log in via SSH to MaheshaOpenBSD Server's guest5 account (password is guest6), fetch your passwords and then log in as “boss” via SSH. su to root and copy that file from CopyFTPfileHere in /home/vsftpd to /home/vsftpd/ftp. This seems a little bit more complicated than in MaheshaBSD Server (FreeBSD), but this is because VSFTPD behaves differently in OpenBSD.

The configuration file for VSFTPD (vsftpd.conf) in MaheshaOpenBSD Server will help beginners learn about this different behavior. Contrary to FreeBSD, OpenBSD stores this file in /etc.


WWW/WordPress 
WWW
Just copy *.php, *.htm, or anything to /var/www/htdocs.

Figure 4. Files to and from MaheshaOpenBSD Server are copied with the SFTP file protocol


WordPress 
As already stated, you must edit the hosts file on your host 
computer as WordPress needs it in its settings. It would 
be unpleasant to have to change it every time because of 
dynamic IP’s, etc (Figure 5). 

WordPress is quite easy to use. Add pictures, files, or create new links, etc. after you log in. To change the introductory screen, edit Hello world! in your Posts (Figure 6).


Some Notes And Tips 

MaheshaOpenBSD Server has espeak (text to speech conversion software) and a number of other useful utilities. New packages can be installed easily (from the Internet) - just type pkg-get -i package in your shell. Pkg-get is a useful script, as it will also help you search for packages. For example, if you type pkg-get -s fire in your shell, you will see all packages available with the prefix “fire”. To install a package, just select its number and press Enter. A number of packages are installed in MaheshaOpenBSD Server. You can see them all in /pkg. To use X, type startxaut (the script will generate /etc/X11/xorg.conf and will start your X session automatically). You may also learn Sanskrit. To write documents, I decided to use the Seamonkey’s Composer Component — its icon is on the IceWM desktop like in all MaheshaBSD projects. Keyboard layouts are available in the IceWM menu — Start > Utilities.

Figure 5. The WordPress introductory screen in MaheshaOpenBSD Server is self-explanatory

Figure 6. It is advisable not to use IP’s because they change

www.bsdmag.org

MaheshaOpenBSD Server has a secure search engine (https://startpage.com). After you open Firefox or Seamonkey, you will see the picture of a white cobra. On other tabs, you will see some helpful sites. phpMyAdmin is available too (Figure 7).

When you make a DVD with the makeiso script, ignore 
the error message “UNEXPECTED INCONSISTENCY” 
after you boot MaheshaOpenBSD DVD. Just type exit and 
go. Everything will work just like with a USB flash drive. 

After copying the files you want to share with your friends or installing anything necessary for you, run the script /root/bin/sd0ro to make MaheshaOpenBSD Server read-only (except for the directories that are in memory). This is a good security tip.

Change passwords!!! This is important as the passwords are publicly available. You may also change passwords when this is on a read-only USB flash drive (temporarily) as /etc resides in memory. To work with your new passwords on the next reboot, copy /etc to /etc2 when this is writable (/etc2 is not in memory).

Except for /etc, you can make all changes permanent when you next reboot (in /var, /home, /root) by running the script /mfs/makeetcnomnt from within MaheshaOpenBSD Server, or /mfs/makeetc if you mounted this USB image from OpenBSD running on your hard drive. The same applies to /var (makevar and makevarnomnt), /root, and the /home directories.

Figure 7. The white cobra is a very rare cobra and it lives in the weirdest places of India

If you need a larger FTP storage, all you need to do is mount another disk to /home/vsftpd/ftp. MaheshaOpenBSD will work with any external or additional USB flash/hard drive.


Security 

MaheshaOpenBSD Server is primarily an Intranet server, 
but if you plan to open this thing to the world, you must 
take a few security measures: 


• change the root password
• change the MySQL password
• change the WordPress password
• kill VSFTPD (or MySQL) if you do not plan to use it
• upgrade WordPress


For WordPress, see the file /var/www/htdocs/wordpress/wp.config.php, where you will also find the MySQL password. There are many sites that will tell you how to change the MySQL password (Figure 8).

Logs are in /var — for example, /var/logs/vsftpd.log stores all the activity for the VSFTPD Server. Apache logs are in /var/www/logs; MySQL logs are in /var/mysql.

Figure 8. The following tcp/ip ports are open in the “default” installation

The best security tip is not to use SSH. To solve this, log in to your MaheshaOpenBSD box and look at the sample /root/bin/atme script. This script will turn the SSHD daemon off at a specific time and turn it on at the time you specify. This means that the best security measure is to log in to MaheshaOpenBSD over network, edit the /root/bin/atme script as you wish (the file contains the explanation in a commented text) and run it. The /root/bin/atme script will shut the SSHD daemon in two minutes and will start it at any time you specify. You do not need to edit anything else for this script to work. All you need to do is edit the /root/bin/atme script as follows:

at -f /root/bin/atme1 now + 2 minutes

This will kill the SSHD daemon in 2 minutes.

sleep 3 ; at -f /root/bin/atme2 now + 5 minutes

This will start the SSHD daemon in 5 minutes, but it is better to change the above value to a couple of hours or days (5 days). Only you will know when to log in. The above tip is my own invention and I use it with my FreeBSD box.

The fact that the user runs OpenBSD in MaheshaOpenBSD does not mean that the MaheshaOpenBSD Server is secure. We as humans must follow certain rules. Without them, we will become vulnerable. But MaheshaOpenBSD is on a writable USB flash drive and you are advised to secure it to your liking. Do keep in mind that users have different priorities. If security is your priority, change the secure level “-1” in /etc/rc.securelevel to higher numbers and take some other measures, too, like avoid running X. Use your own judgement!
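
The checklist in this section, turned into an offline audit of a mounted copy of the image; this is an added example, not part of MaheshaOpenBSD. The function names, the mount point and the assumption that passes.txt lists each shipped password verbatim as a word on some line are mine; the optional second argument is a saved copy of the shipped passes.txt, for use after the file has been removed from the image.

```shell
#!/bin/sh
# Added example, not part of the MaheshaOpenBSD image: audit a mounted copy
# of the image for the shipped defaults the article says to change.
# Usage: audit_mahesha ROOT [SHIPPED_PASSES]
#   ROOT           mount point of the image (any path; an assumption)
#   SHIPPED_PASSES saved copy of the original passes.txt (optional)

# Print the last securelevel value assigned in an rc.securelevel file.
securelevel_of() {
    sed -n 's/^[[:space:]]*securelevel="\{0,1\}\(-\{0,1\}[0-9][0-9]*\).*/\1/p' "$1" |
        tail -n 1
}

# Print the DB_PASSWORD value from a WordPress configuration file.
wp_db_password() {
    q="['\"]"   # either quote character
    sed -n "s/^[[:space:]]*define([[:space:]]*${q}DB_PASSWORD${q}[[:space:]]*,[[:space:]]*${q}\(.*\)${q}[[:space:]]*)[[:space:]]*;.*/\1/p" "$1" |
        head -n 1
}

# Print one FAIL line per finding; return 0 only when nothing was found.
audit_mahesha() {
    root=$1
    listed="$root/home/guest5/passes.txt"
    shipped=${2:-$listed}
    findings=0

    # 1. The article says the passwords for all accounts are in this file.
    if [ -f "$listed" ]; then
        echo "FAIL $listed: cleartext password list still on the image"
        findings=$((findings + 1))
    fi

    # 2. /etc lives in memory and /etc2 is the persistent copy, so check
    #    whichever exists. OpenBSD's normal multi-user level is 1.
    for etc in etc etc2; do
        rc="$root/$etc/rc.securelevel"
        [ -f "$rc" ] || continue
        level=$(securelevel_of "$rc")
        if [ -z "$level" ] || [ "$level" -lt 1 ]; then
            echo "FAIL $rc: securelevel is '${level:-unset}', want 1 or 2"
            findings=$((findings + 1))
        fi
    done

    # 3. wp.config.php is the name the article gives; wp-config.php is the
    #    name WordPress normally uses. Assumption: the shipped passes.txt
    #    contains each password verbatim as a word on some line.
    for cfg in wp.config.php wp-config.php; do
        f="$root/var/www/htdocs/wordpress/$cfg"
        [ -f "$f" ] || continue
        pw=$(wp_db_password "$f")
        if [ -z "$pw" ]; then
            echo "FAIL $f: DB_PASSWORD is empty or missing"
            findings=$((findings + 1))
        elif [ -f "$shipped" ] && grep -F -w -q -e "$pw" "$shipped"; then
            echo "FAIL $f: MySQL password is still one of the shipped ones"
            findings=$((findings + 1))
        fi
    done

    [ "$findings" -eq 0 ]
}

# Constructed sample tree that mimics the shipped defaults (test data only;
# the password below is made up, not one of the image's real passwords).
make_sample_tree() {
    mkdir -p "$1/home/guest5" "$1/etc2" "$1/var/www/htdocs/wordpress"
    printf 'mysql: constructed-db-pass\n' > "$1/home/guest5/passes.txt"
    printf 'securelevel=-1\n' > "$1/etc2/rc.securelevel"
    printf "<?php\ndefine('DB_PASSWORD', 'constructed-db-pass');\n" \
        > "$1/var/www/htdocs/wordpress/wp-config.php"
}
```
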


Conclusion 

Portability is a great feature of this thing! It is not easy to 
carry your computer with you, nor is it always effortless 
to edit configuration files on a computer that you do not 
own. MaheshaBSD Server or MaheshaOpenBSD Server 
is “a computer in your pocket”, a difficult-to-find thing for 
thieves who will always find it easier to steal notebooks 
from cars or cafeteria tables. OpenBSD is one of a few 
projects made with love and great enthusiasm. I hope that
this great work, MaheshaOpenBSD, will help advocate for 
OpenBSD and attract people outside of the BSD world. 
Security Policy Development in TrustedBSD MAC Framework

Trusted Operating Systems are the next level of system security. They offer both new security features and a high assurance of successful implementation. Trusted systems differ from secure systems in many principles. Trusted Systems established the concept of “ranking” systems with different degrees of trustworthiness.

What you will learn...
• How to write OS Security policy
• MAC Security Framework structure
• Installation and configuration of Nagios with MAC Security Framework

In such systems, users decide on trustworthiness and make a judgment based on the security of systems. Operating systems have to implement security policies, and different mechanisms are used to enforce such policies. There are various operating system security policies such as the Massachusetts Library System (MLS) and Biba, which was developed by Kenneth J. Biba. This article describes the overall process of developing and applying different security policies within the FreeBSD kernel under the TrustedBSD MAC Security Framework.


Introduction 

A kernel is a central component of an operating system. It acts as an interface between user applications and hardware. The main purpose of the kernel is to manage the communication between the software (user level applications) and the hardware (CPU, disk memory, etc). The main kernel tasks are: Process Management, Device Management, Memory Management, Interrupt Handling, I/O Communication and File System. New kernel structures arose consisting of several modules classified into static (base) kernel modules and dynamic “pluggable” kernel modules. The main advantage of dynamic kernel modules is the ability to be attached at run-time in a flexible way. In the static version of the kernel, all modules must be present at kernel compilation time. On the other hand, in the dynamic scenario, modules have to be available only during run-time. Furthermore, security and performance tradeoffs determine the best approach to use in kernel compilation. On the other hand, different security models and policies were implemented in OS kernels to add many security features to the “plain” kernels. From an operating system point of view, security policies are the restrictions that administrators would like to apply while mechanisms are the procedures used to enforce such policies. There are various operating system security policies such as MLS and Biba policies.

What you should know...
• Basic understanding of FreeBSD
• How to install FreeBSD
• How to install port (application) on FreeBSD


Security Policies Problems 

The variety and non-standardization of the design of security policies introduced conflicts between implementations of these policies. Different vendor implementations along with security policies’ intentions caused big headaches for security developers. In addition, frequent changes in user requirements and the need for policy customizations pushed security developers to seek a new security methodology for covering these issues. In the past, kernels were adapted to one security model at most. Furthermore, we had to include the security policy in the kernel configuration file before compiling the kernel. However, this inflexibility in embedding security policies in the kernel was a huge problem. Continuous work by researchers led to the introduction of new concepts for OS security. This technique focuses on implementing an intermediate layer between security models and kernel services. This intermediate layer offers policy composition manipulation and customization in addition to the capability to attach different security policies at run-time. One of the most common security frameworks implementing the mentioned points is the MAC framework. The MAC framework provides a set of wrappers for use by different policies’ vendors. Figure 1 describes the overall architecture of the MAC framework.


MAC Security Framework in detail 

Two of the most significant security mechanisms are file system Access Control Lists (ACLs) and Mandatory Access Control (MAC) facilities. Mandatory Access Control allows new access control modules to be loaded to support new security policies. Some modules provide protections of a narrow subset of the system, hardening a particular service. Others provide comprehensive labeled security across all subjects and objects. The mandatory part of the definition comes from the fact that the enforcement of the controls is done by administrators and the system and is not left up to the discretion of users as is done with discretionary access control (DAC, the standard file and System V IPC permissions on FreeBSD). One of the most common implementations of the MAC Security is the TrustedBSD MAC Framework. The TrustedBSD MAC framework provides a mechanism to allow the compile-time or run-time extension of the kernel access control model. New system policies may be implemented as kernel modules and linked to the kernel; if multiple policy modules are present, their results will be composed. The MAC Framework provides a variety of access control infrastructure services to assist policy writers, including support for transient and persistent policy-agnostic object security labels.


Detailed Architecture 

MAC Framework Interfaces for Kernel Services 

The MAC Framework presents a set of entry points to selected kernel
services, permitting the services to provide event notification to the
MAC framework and providing the ability for the MAC Framework to maintain
a security label within kernel objects maintained by the kernel services.
In FreeBSD, the interface used by its kernel services to communicate with
the MAC Framework is defined in sys/mac.h. This includes the APIs for all
entry points from the kernel services. In addition, sys/_label.h defines
struct label, a data structure used to store policy-agnostic label data
in kernel objects. This structure is embedded into many kernel service
structures.


Framework Kernel Service Entry Points 

Modifications have been made to kernel services to invoke MAC Framework
entry points. These modifications affect object initialization,
association/creation, and destruction, as well as common paths requiring
access control at high levels in the kernel. With layered services, it is
often necessary to defer access control decisions until enough
information is available.


Framework Implementation 
Entry point implementations, label primitives, policy registration, and
user/kernel APIs are centralized in kern_mac.c.


Framework Interface for Policies 

The MAC Framework provides several interfaces to security policy
implementations, including interfaces for policy management, label
storage, process label management, object life cycle, access control, and
system life cycle. Extensions implement arbitrary subsets of the
available interfaces, allowing implementers to select the events and
services that are relevant to a particular policy. Interfaces common to
the framework and policies are defined in sys/mac_policy.h. Definitions
include entry point and registration interfaces, as well as common access
methods for MAC Framework services.


Policy Implementations 

Each policy is represented by one kernel module, discouraging
inter-dependency. Typical policies are implemented in a single C file,
but complex policies are implemented over many files.


Interfaces to User Processes 

Interfaces for user processes are defined in sys/mac.h, 
implemented in libc, and may be dynamically linked into 
any applications. 


Figure 1. MAC Framework Overall Architecture 

Main Idea

The main idea behind the TrustedBSD MAC framework is labeling different
kernel objects to provide the ability to track them. A label is a
security attribute which can be applied to files, directories, or other
items in the system. It could be considered a confidentiality stamp; when
a label is placed on a file, it describes the security properties for
that specific file and will only permit access by files, users,
resources, etc. with a similar security setting. The meaning and
interpretation of label values depends on the policy configuration. While
some policies might treat a label as representing the integrity or
secrecy of an object, other policies might use labels to hold rules for
access. Table 1 shows the basic kernel objects that are labeled.


Table 1. Labeled Objects

struct vnode          VFS node
struct pipe           IPC pipe
struct mount          File system mount
struct devfs_dirent   Devfs entry
struct bpf_desc       BPF packet sniff device


Now, let's move to MAC implementation in FreeBSD 
kernels. The following points clarify the required steps to 
allow run-time MAC security on your FreeBSD machine: 


Adding MAC support to the kernel 

Kernels should have MAC support to give the flexibility of implementing
and composing security policies. To achieve this, add the MAC option to
your kernel configuration file, which is /usr/src/sys/conf/GENERIC by
default.


options MAC 

Next, recompile the kernel so that it includes MAC support. To compile a
GENERIC kernel, do the following steps:

• Change to the /usr/src directory:

# cd /usr/src

• Compile the kernel:

# make buildkernel KERNCONF=GENERIC

Note: You can omit KERNCONF=GENERIC if you are referring to the default
configuration file.

• Install the new kernel:

# make installkernel KERNCONF=GENERIC

Note: You can omit KERNCONF=GENERIC if you are referring to the default
configuration file.


Embedding MAC Policy 

Security policies are either linked directly into the kernel, 
or compiled into loadable kernel modules that may be 
loaded at boot, or dynamically using the module loading 
system calls at runtime. 


Policy Declaration 

Modules may be declared using the MAC_POLICY_SET() macro, which names the
policy, provides a reference to the MAC entry point vector, provides
load-time flags determining how the policy framework should handle the
policy, and optionally requests the allocation of label state by the
framework (Listing 1).

Listing 1. mac_policy_ops function

The MAC policy entry point vector, mac_policy_ops in this example,
associates functions defined in the module with specific entry points. Of
specific interest during module registration are the .mpo_destroy and
.mpo_init entry points. .mpo_init will be invoked once a policy is
successfully registered with the module framework but prior to any other
entry points becoming active. This permits the policy to perform any
policy-specific allocation and initialization, such as initialization of
any data or locks. .mpo_destroy will be invoked when a policy module is
unloaded to permit releasing of any allocated memory and destruction of
locks. Currently, these two entry points are invoked with the MAC policy
list mutex held to prevent any other entry points from being invoked.
This will be changed, but in the meantime, policies should be careful
about what kernel primitives they invoke to avoid lock ordering or
sleeping problems.

The policy declaration’s module name field exists so that the module may
be uniquely identified for the purposes of module dependencies. An
appropriate string should be selected. The full string name of the policy
is displayed to the user via the kernel log during loading and unloading
events, and also exported when providing status information to user
processes.
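
The registration behaviour described above, modelled in userland C as an added example (not FreeBSD kernel code and not the article's Listing 1): a cut-down entry point vector whose unused slots stay NULL, an init hook that runs before checks reach the policy, and composed results. All model_* and EP_* names, the two sample policies and uid 181 are assumptions made for the illustration.

```c
/* Userland model of MAC policy registration and composition; not kernel code. */
#include <errno.h>
#include <stdio.h>
#include <string.h>

#define MODEL_MAX_POLICIES 4
#define NAGIOS_UID 181              /* constructed uid for the example */
enum model_ep { EP_PROC_SEE, EP_FILE_READ, EP_COUNT };
struct model_obj { int uid; const char *path; };    /* target process or file */

/* Cut-down, hypothetical entry point vector: unused slots stay NULL. */
struct model_policy_ops {
    void (*mpo_init)(void);
    void (*mpo_destroy)(void);
    int (*check[EP_COUNT])(int subj_uid, const struct model_obj *obj);
};

static struct { const char *name; const struct model_policy_ops *ops; }
    loaded[MODEL_MAX_POLICIES];
static size_t nloaded;
int model_init_calls, model_destroy_calls;

/* Register: run the init hook first, only then route checks to the policy. */
int model_register(const char *name, const struct model_policy_ops *ops)
{
    if (nloaded == MODEL_MAX_POLICIES)
        return ENOMEM;
    if (ops->mpo_init != NULL)
        ops->mpo_init();
    loaded[nloaded].name = name;
    loaded[nloaded++].ops = ops;
    return 0;
}

/* Unload: stop routing checks to the policy, then run its destroy hook. */
int model_unregister(const char *name)
{
    const struct model_policy_ops *ops;
    size_t i;
    for (i = 0; i < nloaded; i++) {
        if (strcmp(loaded[i].name, name) != 0)
            continue;
        ops = loaded[i].ops;
        for (; i + 1 < nloaded; i++)
            loaded[i] = loaded[i + 1];
        nloaded--;
        if (ops->mpo_destroy != NULL)
            ops->mpo_destroy();
        return 0;
    }
    return ENOENT;
}

/* Composition: every policy that implements the entry point must allow it. */
int model_check(enum model_ep ep, int subj_uid, const struct model_obj *obj)
{
    int e, error = 0;
    size_t i;
    for (i = 0; i < nloaded; i++) {
        if (loaded[i].ops->check[ep] == NULL)
            continue;               /* policy skips this entry point */
        e = loaded[i].ops->check[ep](subj_uid, obj);
        if (e != 0 && error == 0)
            error = e;              /* the model reports the first denial */
    }
    return error;
}

static void count_init(void) { model_init_calls++; }
static void count_destroy(void) { model_destroy_calls++; }

/* Sample policy 1: hide other users' processes, in the spirit of mac_seeotheruids. */
static int uids_proc_see(int subj_uid, const struct model_obj *obj)
{
    return subj_uid == obj->uid ? 0 : ESRCH;
}

/* Sample policy 2 (hypothetical): only the nagios uid reads its spool. */
static int fence_file_read(int subj_uid, const struct model_obj *obj)
{
    if (strncmp(obj->path, "/var/spool/nagios", 17) != 0)
        return 0;
    return subj_uid == NAGIOS_UID ? 0 : EACCES;
}

const struct model_policy_ops uids_ops =
    { count_init, count_destroy, { [EP_PROC_SEE] = uids_proc_see } };
const struct model_policy_ops fence_ops =
    { count_init, count_destroy, { [EP_FILE_READ] = fence_file_read } };
const struct model_obj other_proc = { 1002, NULL };
const struct model_obj spool_file = { 0, "/var/spool/nagios/status.dat" };

int main(void)
{
    model_register("uids", &uids_ops);
    model_register("fence", &fence_ops);
    printf("uid 1001 sees uid 1002: %d\n", model_check(EP_PROC_SEE, 1001, &other_proc));
    printf("uid 0 reads the spool: %d\n", model_check(EP_FILE_READ, 0, &spool_file));
    return 0;
}
```

A policy that leaves an entry point NULL never influences that check, which is why loading the visibility policy alone does not affect file reads.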


Label Configuration 

Virtually all aspects of label policy module configuration will be
performed using the base system utilities. These commands provide a
simple interface for object or subject configuration or the manipulation
and verification of the configuration.

All configuration may be done by use of the setfmac(8) and setpmac(8)
utilities. The setfmac command is used to set MAC labels on system
objects while the setpmac command is used to set the labels on system
subjects. Observe:


# setfmac biba/high test 


If no errors occurred with the command above, a prompt will be returned.
The only time these commands are not quiescent is when an error occurred,
similar to the chmod(1) and chown(8) commands. In some cases, this error
may be a Permission denied and is usually obtained when the label is
being set or modified on an object which is restricted. The system
administrator may use the following commands to overcome this:


# setfmac biba/high test 


This is usually what you get when you try to set the MAC label on “test”
directly:

“Permission denied” !!!

To avoid this problem, wrap the label change in a new MAC process. The
next command forks a new MAC process and assigns a MAC label with the
highest possible privileges:

# setpmac biba/low setfmac biba/high test

Finally, verify what you just did!


# getfmac test 
test: biba/high 


Two types of labels are available: singlelabel and multilabel. By
default, all the labels are singlelabel items. The multilabel option
permits each subject or object to have its own independent MAC label in
place of the standard singlelabel option, which enforces a single label
throughout the partition. The multilabel and singlelabel options are only
required for the policies implementing the label feature, including the
Biba, Low Water-Mark mandatory access control (Lomac), MLS and Security
Enhanced BSD (SEBSD) policies. The multilabel option is required when we
have different policies implemented to set a policy for each labeled
object. To set multilabel on the filesystem:


# tunefs -l enable / 


Policy Configuration

Table 2 shows the set of predefined policies for TrustedBSD MAC for use
instead of creating new ones.

Table 2. MAC Policies

mac_bsdextended    “File system firewall” using existing credentials/permissions
mac_lomac          Hierarchical floating-label integrity
mac_none           Prototype stub policy
mac_seeotheruids   Inter-process visibility policy based on existing credentials
sebsd              Port of the SELinux/FLASK/TE

Case Study (Apply MAC to files and Test it via 
Nagios) 

In this example, we will simulate a typical MAC Security scenario for
Sendmail service with the aid of Nagios, one of the most common
applications in the field of IT infrastructure monitoring. I highly
recommend trying this example on a virtual machine because failing in
administering your system well might cause user account inaccessibility.
Before starting this example, the multilabel option must be set on each
file system. Missing this label will result in errors.

Setting multilabel flag over the filesystem through single user mode:

# tunefs -l enable /

• Install MySQL Server

# cd /usr/ports/databases/mysql51-server/
# make install clean

Note: this port, i.e. application, will install the MySQL server and the
MySQL client as well (Figure 2).

• Enable MySQL service at system startup

# echo 'mysql_enable="YES"' >> /etc/rc.conf

• Start MySQL service immediately to avoid rebooting your machine

# /usr/local/etc/rc.d/mysql-server start

• Change Administrator Password for MySQL

# mysqladmin -u root password adminpassword

• Install Apache Application Server

# cd /usr/ports/www/apache22/
# make install clean

Note: Make sure that you enabled mysql-support (Figure 3 and Figure 4)

• Enable Apache service at System Startup

# echo 'apache22_enable="YES"' >> /etc/rc.conf

Listing 2. Start Apache Service

# echo 'apache22_enable="YES"' >> /etc/rc.conf
# /usr/local/etc/rc.d/apache22 start
Performing sanity check on apache22 configuration:
Syntax OK
Starting apache22.
#

Figure 4. Apache after installation

Figure 5. Testing Apache

• Start Apache Service Immediately to avoid rebooting your system
  (Listing 2)

• Check if your Apache server is up through http://yourIP/ (Figure 5)

• Install PHP5

# cd /usr/ports/lang/php5/
# make install clean

Note: Make sure that you enabled apache support (Figure 6)

• Install PHP5 Extensions

# cd /usr/ports/lang/php5-extensions/
# make install clean

Note: Make sure that you enabled mysql-support and session support
(Figure 7)





Listing 3. Enable PHP in Apache

DirectoryIndex index.php index.html index.htm
AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps

[Figure: “Options for php5 5.2.12” dialog]

Figure 7. PHP5 Extensions Configuration Parameters

• Rename php.ini-dist to php.ini

# cp /usr/local/etc/php.ini-dist /usr/local/etc/php.ini

• Configure Apache to enable PHP support and append the lines from
  Listing 3 to the Apache configuration file (httpd.conf) (Figure 8)

# ee /usr/local/etc/apache22/httpd.conf

• Install Nagios


[Figure: “Options for nagios-plugins 1.4.14,1” dialog]

Figure 10. Nagios User and Group creation

# cd /usr/ports/net-mgmt/nagios
# make install clean

Note: Make sure that you enabled SNMP support in the Nagios-plugins
installation, which follows the Nagios installation (Figure 9)

• Create Nagios User and Group (Figure 10)

• Enable Nagios service at system startup

# echo 'nagios_enable="YES"' >> /etc/rc.conf

• Configure Nagios (Figure 11-13)

• Start Nagios service immediately to avoid system rebooting (Figure 14)

• Configure Apache to support Nagios and append the lines from Listing 4
  to /usr/local/etc/apache22/httpd.conf

Listing 4. Apache Configurations for Nagios

# ee /usr/local/etc/apache22/httpd.conf

ScriptAlias /nagios/cgi-bin/ /usr/local/www/nagios/cgi-bin/
Alias /nagios /usr/local/www/nagios/

<Directory /usr/local/www/nagios>
Options None
AllowOverride None
Order allow,deny
Allow from all
AuthName "Nagios Access"
AuthType Basic
AuthUserFile /usr/local/etc/nagios/htpasswd.users
Require valid-user
</Directory>

<Directory /usr/local/www/nagios/cgi-bin>
Options ExecCGI
AllowOverride None
Order allow,deny
Allow from all
AuthName "Nagios Access"
AuthType Basic
AuthUserFile /usr/local/etc/nagios/htpasswd.users
Require valid-user
</Directory>

[Terminal screenshots: copying the *.cfg-sample files under
/usr/local/etc/nagios/ to their .cfg names]

Figure 13. More Configuration on Nagios

Figure 15. Restarting Nagios

• Restart Apache to apply changes (Figure 15)
• Login to Nagios (Figure 16 and Figure 17)
• Create an insecure User Class

Begin the procedure by adding the user class from Listing 5 to the
/etc/login.conf file.

Finally, add the following line to the default user class:

:label=biba/high: #Set privileges higher than other labels

Once this is completed, the following command must be issued to rebuild
the database:

# cap_mkdb /etc/login.conf


Boot Configuration 

Next, we have to adapt the boot configuration to load the MAC policies at
boot time. Add the following lines to /boot/loader.conf so the required
modules will load during system initialization:

mac_biba_load="YES"
mac_seeotheruids_load="YES"


Configure Users 
Set the root user to the default class using: 


# pw usermod root -L default

Figure 16. Logging into Nagios

Figure 17. Nagios Homepage

Now, all user accounts that are not root or system users will require a
login class. Otherwise, users will be unable to execute common commands
such as vi. The following sh script should do the trick:

# for x in `awk -F: '($3 >= 1001) && ($3 != 65534) { print $1 }' \
    /etc/passwd`; do pw usermod $x -L default; done;


Drop nagios and www users into the insecure class to 
avoid being caught by MAC: 


# pw usermod nagios -L insecure 


# pw usermod www -L insecure 


Create the Contexts File

A contexts file should now be created; the example file shown in
Listing 6 should be placed in /etc/policy.contexts.

This policy enforces security by setting restrictions on the flow of
information. In this specific configuration, users root and others should
never be allowed to access Nagios. Configuration files and processes that
are a part of Nagios will be completely self contained or jailed. This
file may be read into our system by issuing the following command:

# setfsmac -ef /etc/policy.contexts /

The previous command sets Biba policies to all the proposed objects.

Listing 5. Nagios Configuration for MAC Security

insecure:\
:copyright=/etc/COPYRIGHT:\
:welcome=/etc/motd:\
:setenv=MAIL=/var/mail/$,BLOCKSIZE=K:\
:path=~/bin:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:\
:manpath=/usr/share/man /usr/local/man:\
:nologin=/usr/sbin/nologin:\
:cputime=1h30m:\
:datasize=8M:\
:vmemoryuse=100M:\
:stacksize=2M:\
:memorylocked=4M:\
:memoryuse=8M:\
:filesize=8M:\
:coredumpsize=8M:\
:openfiles=24:\
:maxproc=32:\
:priority=0:\
:requirehome:\
:passwordtime=91d:\
:umask=022:\
:ignoretime@:\
:label=biba/10(10-10): #Set privileges to grade of 10 with compartments 10 and 10

Figure 18. Testing MAC on Nagios, Apache and Sendmail

localhost# cd /etc/mail && make stop && \
setpmac biba/equal make start && setpmac biba/10\(10-10\) apachectl start && \
setpmac biba/10\(10-10\) /usr/local/etc/rc.d/nagios.sh forcestart

Listing 6. Policy Configuration for MAC, Nagios & Apache

# This is the default BIBA policy for this system.

# System:
/var/run                  biba/equal   #Set privileges equal to other labels
/var/run/*                biba/equal
/dev                      biba/equal
/dev/*                    biba/equal
/var                      biba/equal
/var/spool                biba/equal
/var/spool/*              biba/equal
/var/log                  biba/equal
/var/log/*                biba/equal
/tmp                      biba/equal
/tmp/*                    biba/equal
/var/tmp                  biba/equal
/var/tmp/*                biba/equal
/var/spool/mqueue         biba/equal
/var/spool/clientmqueue   biba/equal

# For Nagios:
/usr/local/etc/nagios
/usr/local/etc/nagios/*   biba/10
/var/spool/nagios         biba/10
/var/spool/nagios/*       biba/10

# For apache
/usr/local/etc/apache     biba/10
/usr/local/etc/apache/*   biba/10


Note: The above file system layout may be different depending on your
environment, so take care if you are applying this to a jail or a
customized architecture; however, it must be run on every single file
system. The /etc/mac.conf file requires the following modifications in
the main section:

default_labels file ?biba
default_labels ifnet ?biba
default_labels process ?biba
default_labels socket ?biba


Enable Networking

It’s important to enable networking to enforce MAC to handle
incoming/outgoing data and defend the kernel from external access.
Implementing this feature requires you to add the following line to
/boot/loader.conf:

security.mac.biba.trust_all_interfaces=1

And the following to the network card configuration stored in rc.conf.
If the primary Internet configuration is done via DHCP, this may need to
be configured manually after every system boot:

maclabel biba/equal

Testing the Configuration

• Ensure that the web server and Nagios will not be started on system
  initialization, and reboot.

• Ensure the root user cannot access any of the files in the Nagios
  configuration directory. If root can issue an ls command on
  /var/spool/nagios, then something is wrong. Otherwise a “permission
  denied” error should be returned.

• If all seems well, Nagios, Apache, and Sendmail can now be started in
  a way fitting of the security policy. The commands shown in Figure 18
  will make this happen.

• Check the log files or error messages to make sure everything is fine.
  Use the sysctl utility to disable the mac_biba security policy module
  enforcement and try starting everything again, like normal.
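
The read and write decisions this test relies on can be worked through with the labels used in the case study. The C program below is an added example, not FreeBSD's mac_biba code: a userland model that assumes plain grades only (no compartments), ignores the parenthesized part of a label such as biba/10(10-10), and uses hypothetical function names.

```c
/* Userland model of the Biba read/write decision; not kernel code. */
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

enum biba_type { BIBA_BAD, BIBA_LOW, BIBA_GRADE, BIBA_HIGH, BIBA_EQUAL };

struct biba_label {
    enum biba_type type;
    long grade;                 /* meaningful only for BIBA_GRADE */
};

/*
 * Parse the effective element of a label as written in the article:
 * "biba/low", "biba/high", "biba/equal", "biba/10" or "biba/10(10-10)".
 * Everything from '(' onward is ignored by this model.
 */
struct biba_label biba_parse(const char *text)
{
    struct biba_label l = { BIBA_BAD, 0 };
    char eff[16];
    char *end;
    size_t n;

    if (strncmp(text, "biba/", 5) != 0)
        return l;
    text += 5;
    n = strcspn(text, "(");
    if (n == 0 || n >= sizeof(eff))
        return l;
    memcpy(eff, text, n);
    eff[n] = '\0';

    if (strcmp(eff, "low") == 0) {
        l.type = BIBA_LOW;
    } else if (strcmp(eff, "high") == 0) {
        l.type = BIBA_HIGH;
    } else if (strcmp(eff, "equal") == 0) {
        l.type = BIBA_EQUAL;
    } else if (eff[0] >= '0' && eff[0] <= '9') {
        l.grade = strtol(eff, &end, 10);
        if (*end == '\0' && l.grade <= 65535)
            l.type = BIBA_GRADE;
    }
    return l;
}

/* Rank for comparison: low < every numeric grade < high. */
static long biba_rank(struct biba_label l)
{
    if (l.type == BIBA_LOW)
        return -1;
    if (l.type == BIBA_HIGH)
        return LONG_MAX;
    return l.grade;
}

/* 1 if a dominates b. biba/equal compares equal to every valid label. */
int biba_dominates(struct biba_label a, struct biba_label b)
{
    if (a.type == BIBA_BAD || b.type == BIBA_BAD)
        return 0;               /* unparsable labels never pass */
    if (a.type == BIBA_EQUAL || b.type == BIBA_EQUAL)
        return 1;
    return biba_rank(a) >= biba_rank(b);
}

/* No read down: the object must dominate the subject. */
int biba_check_read(const char *subj, const char *obj)
{
    return biba_dominates(biba_parse(obj), biba_parse(subj)) ? 0 : EACCES;
}

/* No write up: the subject must dominate the object. */
int biba_check_write(const char *subj, const char *obj)
{
    return biba_dominates(biba_parse(subj), biba_parse(obj)) ? 0 : EACCES;
}

int main(void)
{
    /* Constructed cases built from the labels used in the case study. */
    static const struct { const char *who, *subj, *path, *obj; } c[] = {
        { "root",   "biba/high",      "/var/spool/nagios", "biba/10"    },
        { "nagios", "biba/10(10-10)", "/var/spool/nagios", "biba/10"    },
        { "nagios", "biba/10(10-10)", "/var/log",          "biba/equal" },
        { "nagios", "biba/10(10-10)", "test",              "biba/high"  },
    };
    size_t i;

    for (i = 0; i < sizeof(c) / sizeof(c[0]); i++)
        printf("%-6s %-14s -> %-17s %-10s read=%-6s write=%s\n",
            c[i].who, c[i].subj, c[i].path, c[i].obj,
            biba_check_read(c[i].subj, c[i].obj) ? "EACCES" : "ok",
            biba_check_write(c[i].subj, c[i].obj) ? "EACCES" : "ok");
    return 0;
}
```

The first row is the case the test checks: a biba/high subject reading a biba/10 object is refused, while the biba/10 subject reads and writes the same object.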


Conclusion

The MAC Security Framework is a vital security enhancement in OS
cryptology. It introduces run-time policy enforcement techniques.
However, MAC security does not

WHAT’S NEW

Using Nginx and Naxsi for Security and High Availability

Nginx is a lightweight and powerful HTTP proxy, mail proxy, and reverse
proxy server for UNIX-like systems that can also be used as an excellent
High Availability (HA) and cluster system. Naxsi is an Nginx Web
Application Firewall (WAF) created to mitigate web application
vulnerabilities by using an intelligent resource to generate whitelist
rules.


What you will learn...
• Basic setup of the Nginx cluster/load balancer
• How the Naxsi web application firewall works

What you should know...
• Basic FreeBSD shell command line

This article will cover basic Nginx HA configuration and show how to
improve web security by using the Naxsi Web Application Firewall (WAF).
Nginx, written by Igor Sysoev, is a forward and reverse HTTP proxy server
that can also work as a mail proxy. You can learn more about Nginx and
its features at the Nginx wiki page: http://wiki.nginx.org.

Before the applications are installed, it is necessary to update the
FreeBSD ports tree to use the latest Nginx version. Update Ports:

# cd /usr/ports
# portsnap fetch update

Install Nginx and Naxsi:

# cd /usr/ports/www/nginx
# make install clean

Figure 1. Installing Nginx with Naxsi support



Clustering

Enabling the cluster/load balancer feature is as simple as including the
upstream directive in the vhost information. Listing 1 shows a cluster
configuration.

The acme entity will be referenced by the proxy_pass parameter
(Listing 2), and the hosts included in the upstream directive will
respond to the requests sequentially.

Listing 1. Configuring the cluster

upstream acme {
    server 192.168.0.2;
    server 192.168.0.3;
    server 192.168.0.4;
}

Listing 2. The acme entity being used in the proxy_pass parameter

server {
    listen acme:80;
    access_log /var/log/nginx/nginx.log;
    location / {
        proxy_pass http://acme;
    }
}


We can preserve the connection in the same backend using the ip_hash
parameter (Listing 3) which, for example, is important for authenticated
sessions.


Priority and failover 

The parameter weight is responsible for defining the backend priority. In
Listing 4, the first three requests will be sent to the server
192.168.0.2, the fourth and fifth to 192.168.0.3, and the sixth request
to 192.168.0.4.

The failover is enabled using the parameters max_fails and fail_timeout.
max_fails defines the total request failures allowed within the
fail_timeout time interval. After that, requests are sent to the next
backend. To take servers offline from the cluster, use the parameter down
(Listing 5).

So far we have configured a basic cluster/load-balancing system using
Nginx, and now we will include a security layer to protect the web
applications against common web attacks.


Naxsi 

Naxsi is a Web Application Firewall (WAF) for Nginx creat- 
ed by Thibault Koechlin. A WAF is a tool that listens to the 
HTTP conversations and applies a set of rules that protect 
web applications against common attacks such as SQL 
injection, cross-site scripting, Directory Traversal and Re- 
mote File Inclusion. Other examples of WAFs are: 


• ModSecurity
• IronBee


A great advantage of Naxsi is that it follows the positive se- 
curity model, learning how the applications work and cre- 
ating rules based on behavior (whitelist-based). It does not 
use attack signatures like antivirus software does. Naxsi 
was automatically installed during the compilation of Nginx. 

In Listing 6, we created the basic structure to enable 
Naxsi. In Listing 7, the learning mode will analyze the 





Listing 3. Using the parameter ip_hash to preserve the client request 


upstream acme {
    ip_hash;
    server 192.168.0.2;
    server 192.168.0.3;
    server 192.168.0.4;
}


Listing 4. Using the parameter weight to define the server priority 


upstream acme {
    ip_hash;
    server 192.168.0.2 weight=3;
    server 192.168.0.3 weight=2;
    server 192.168.0.4;
}


Listing 5. Defining the failover parameters and disabling an offline 
server using the parameter down 


upstream acme {
    ip_hash;
    server 192.168.0.2 max_fails=3 fail_timeout=30s;
    server 192.168.0.3;
    server 192.168.0.4 down;
}


Listing 6. Creating the basic structure. The CheckRule directive 
specifies that any request having an attack score greater than or 
equal to 8 will be denied 


# mkdir /var/tmp/nginx/
# vi /usr/local/etc/nginx/naxsi.rules
LearningMode; #Enables learning mode
SecRulesEnabled;
#SecRulesDisabled;
DeniedUrl "/RequestDenied";

## check rules
CheckRule "$SQL >= 8" BLOCK;
CheckRule "$RFI >= 8" BLOCK;
CheckRule "$TRAVERSAL >= 4" BLOCK;
CheckRule "$EVADE >= 4" BLOCK;
CheckRule "$XSS >= 8" BLOCK;


Listing 7. Enabling the Naxsi WAF 


include /usr/local/etc/nginx/naxsi_core.rules;

location / {
    include /usr/local/etc/nginx/naxsi.rules;
    proxy_pass http://acme/;
}
#Naxsi Learning Mode
location /RequestDenied {
    return 500;
}


Listing 8. Installing nx_util dependencies


# cd /usr/ports/lang/python
# make install clean
# cd /usr/ports/databases/sqlite3
# make install clean
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behavior of the application to create new rules. nx_util
is another useful tool that parses the web site error
logs, updates a SQLite database, generates new whitelist
rules, and exports the data to the screen or an HTML file
(Listing 8-10 and Figure 2).


tail /var/log/nginx-error.log | ./nx_util.py -c /usr/local/ 


etc/Nainx/nx util=0.3/nx util.conft -L =i, =o <3 acme. htm! 





[Pie chart "Hit Repartition": Internal 55.97%, XSS 33.53%,
Evading 4.50%, SQL Injection 3.58%, Directory Traversal 0.53%,
Upload 0.00%, plus an RFI slice]

Figure 2. HTML page generated using nx_util





On The Web 
• Nginx official Web Site: http://nginx.org/
• Nginx Wiki page: http://wiki.nginx.org/
• Naxsi Web site: https://code.google.com/p/naxsi/


An example of nginx.conf can be downloaded here:
http://alexos.org/files/nginx.conf.


Conclusion 
Now we have a complete cluster/load balancing system, 
and we have secured our web applications using Nginx 
and Naxsi WAF. Remember to create file and database 
replication for a completely fault-tolerant system. 

As this is my first article in BSD Magazine, many thanks 
to all for reading it! 


ALEXANDRO SILVA AKA ALEXOS 
Alexandro Silva aka Alexos lives in Salvador, Bahia, Brasil. He
is an Information Security Consultant at iBliss Segurança &
Inteligência. He has been using FreeBSD since the 4.11 release and
can be reached online at http://alexos.org.





Listing 9. Configuring nx_util 


# cd /usr/local/etc/nginx/nx_util-0.3

ny Nab sob blical il jretuiue 

ese a 

data_dir=/usr/local/etc/nginx/nx_util-0.3/nx_datas
database_dir=
naxsi_core_rules=/usr/local/etc/nginx/naxsi_core.rules

# cd /usr/ports/databases/sqlite3
# make install clean


Listing 10. After executing a web vulnerability scan on the ACME 
web site, nx_util generates new whitelist rules 


i tall /ver/ log/moimz-ervor. log ||. /mx Uri spy =¢ /usi/ 
locally ete/noinx/ nx uril—-U.3/nxauEtl.comr =i =1 °-0 

Using =stain. 

COMmiure MIG: O 70bise. 

teitettet Optimized Rules Suggestion #####tt tt 
i Ota MW COUNE. 1 (1501 0), peer coune.) (INU 50.) | sparenehesis, 
probable sql/xss 


BasicRule wl:1011 "mz:$URL:/vulnerabilities/brute/|$ARGS_VAR:username";
ia WOW Clobhnes | asia jesse Clebiners (INO) | ielcteeiiiclastcilis,, 
probable sql/xss 


BasicRule wl:1011 "mz:$URL:/vulnerabilities/brute/|$ARGS_VAR:login";
i) eC MeCOUNs 1 oi cco m CONE. nn LOUNO.)e | pparemuicsis, 
probable sql/xss 
BasicRule wl:1010 "mz:$URL:/vulnerabilities/brute/|$ARGS_VAR:login";
# total_count:6 (6.74%), peer_count:1 (100.0%) | obvious probe
BasicRule wl:1202 "mz:$URL:/vulnerabilities/brute/|$ARGS_VAR:login";
BasicRule wl:1205 "mz:$URL:/vulnerabilities/brute/|$ARGS_VAR:login";
# total_count:1 (1.12%), peer_count:1 (100.0%) | http:// scheme
BasicRule wl:1100 "mz:$URL:/vulnerabilities/brute/|$ARGS_VAR:login";
i coed Wecoume: F(A op pcem coun.) (10080) ii mysql comment 
aa 
BasicRule wl:1007 "mz:$URL:/vulnerabilities/brute/|$ARGS_VAR:login";
# total_count:1 (1.12%), peer_count:1 (100.0%) | mysql keyword (||)
BasicRule wl:1005 "mz:$URL:/vulnerabilities/brute/|$ARGS_VAR:login";
# total_count:1 (1.12%), peer_count:1 (100.0%) | uncommon hex encoding (%00 etc.)
BasicRule wl:10 "mz:$URL:/vulnerabilities/brute/|$ARGS_VAR:login";
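
The suggestions in Listing 10 were learned from a vulnerability scan, and nx_util itself labels them "probable sql/xss" and "obvious probe", so they need a review before they are loaded as whitelists. The Python sketch below is an added example, not part of nx_util or of the original article: it parses suggestions in that format and holds back any rule that was seen from too few peers or that is stacked with other rules on one field. The thresholds, the function names and the reading of peer_count as the number of distinct clients are assumptions, and the sample input is constructed.

```python
import re
from collections import defaultdict

# Constructed sample shaped like the nx_util output in Listing 10.
# The /search entry and all counts are made up for this example.
SAMPLE = """\
# total_count:1 (1.12%), peer_count:1 (100.0%) | parenthesis, probable sql/xss
BasicRule wl:1011 "mz:$URL:/vulnerabilities/brute/|$ARGS_VAR:username";
# total_count:1 (1.12%), peer_count:1 (100.0%) | parenthesis, probable sql/xss
BasicRule wl:1011 "mz:$URL:/vulnerabilities/brute/|$ARGS_VAR:login";
BasicRule wl:1010 "mz:$URL:/vulnerabilities/brute/|$ARGS_VAR:login";
# total_count:6 (6.74%), peer_count:1 (100.0%) | obvious probe
BasicRule wl:1202 "mz:$URL:/vulnerabilities/brute/|$ARGS_VAR:login";
BasicRule wl:1205 "mz:$URL:/vulnerabilities/brute/|$ARGS_VAR:login";
# total_count:1 (1.12%), peer_count:1 (100.0%) | http:// scheme
BasicRule wl:1100 "mz:$URL:/vulnerabilities/brute/|$ARGS_VAR:login";
# total_count:40 (44.94%), peer_count:14 (87.5%) | comma
BasicRule wl:1015 "mz:$URL:/search|$ARGS_VAR:q";
"""

COMMENT_RE = re.compile(
    r'#\s*total_count:(\d+)\s*\([\d.]+%\),\s*'
    r'peer_count:(\d+)\s*\([\d.]+%\)\s*\|\s*(.*)')
RULE_RE = re.compile(r'BasicRule\s+wl:(\d+)\s+"mz:([^"]+)"\s*;')


def parse_suggestions(text):
    """Attach each '# total_count ...' comment to the BasicRule lines after it."""
    suggestions = []
    meta = {"hits": 0, "peers": 0, "why": ""}
    for raw in text.splitlines():
        line = raw.strip()
        m = COMMENT_RE.match(line)
        if m:
            meta = {"hits": int(m.group(1)), "peers": int(m.group(2)),
                    "why": m.group(3).strip()}
            continue
        m = RULE_RE.match(line)
        if m:
            # A rule without its own comment inherits the previous one.
            suggestions.append(dict(meta, rule_id=int(m.group(1)),
                                    zone=m.group(2), line=line))
    return suggestions


def review(suggestions, min_peers=3, max_ids_per_zone=2):
    """Split suggestions into rules to load and rules to hold for a human.

    Held when (a) fewer than min_peers clients triggered the rule, which is
    what a scanner or a single attacker looks like, or (b) more than
    max_ids_per_zone different rules fire on the same URL and variable,
    which points at a field under test rather than normal use.
    Both thresholds are assumptions for this example.
    """
    ids_per_zone = defaultdict(set)
    for s in suggestions:
        ids_per_zone[s["zone"]].add(s["rule_id"])

    accepted, held = [], []
    for s in suggestions:
        reasons = []
        if s["peers"] < min_peers:
            reasons.append("only %d peer(s) triggered it" % s["peers"])
        distinct = len(ids_per_zone[s["zone"]])
        if distinct > max_ids_per_zone:
            reasons.append("%d different rules fire on this field" % distinct)
        if reasons:
            held.append((s, reasons))
        else:
            accepted.append(s)
    return accepted, held


if __name__ == "__main__":
    accepted, held = review(parse_suggestions(SAMPLE))
    print("## load into naxsi.rules")
    for s in accepted:
        print(s["line"])
    print("## held for manual review")
    for s, reasons in held:
        print("%s   # %s (%s)" % (s["line"], "; ".join(reasons), s["why"]))
```

Only the rules printed under the first heading belong in naxsi.rules; the held ones show which requests the learning run recorded and why they were not trusted.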
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FreeBSD Programming 
Primer — Part 6 








In the sixth part of our series on programming, we will design a 
basic menu navigation system and style it with CSS. 


What you will learn... 
• How to configure a development environment and write HTML,
CSS, PHP and SQL code


So far in this series, we have focused on adding and
displaying standard HTML pages which have been
pulled from our database. We are now going to shift
directions and start to look at the user interface of the CMS
itself. Traditionally, menu links were hard coded into pages,
which not only made long-term maintenance time-consuming
but also error-prone. By leveraging the power of a
database back end, we can easily extract the title and section
of pages we want to display and, if desired, include or
exclude that content from the menu. For flexibility, we will also
include the facility to add disparate links to other sites, etc.
Many sites now use multi-level menus which are driven
by a combination of SQL, JavaScript / jQuery and CSS.
Later on in the series, we will look at using jQuery to
add this functionality, but for now we will concentrate on
a block navigation menu that is displayed alongside the
main content.


The SQL 

To demonstrate, let’s spin up a MySQL session and take 
a look at our content. At the shell prompt, login to MySQL 
and run some queries (Listing 1 — 2). 

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• BSD and general PC administration skills


By using the UNION keyword, we can combine the
output of both SELECT statements into one result. This
would be fine if we had a small site with not much content,
but as the site grows, the menu would become
unmanageable in size. We could build the interface with a
drop-down and filter by section, but we would just be
postponing the inevitable. An additional improvement would be to
use a combination of a content type filter and a pager with
the MySQL LIMIT keyword, restricting the display to a
certain number of items. This would help in the final design




Listing 1. Logging in to MySQL 
#dev mysql -u bsduser -pcmsdbpassword 


Listing 2. Selecting our content 
mysql> use freebsdcms;
mysql> (SELECT 'news' AS contenttype, id, title FROM news)
       UNION (SELECT 'pages' AS contenttype, id, title FROM pages);

+-------------+----+-----------------------+
| contenttype | id | title                 |
+-------------+----+-----------------------+
| news        |  1 | My first page         |
| news        |  2 | My second page        |
| news        |  3 | Article 3 - Using CSS |
| pages       |  1 | My first page         |
| pages       |  2 | My second page        |
+-------------+----+-----------------------+
5 rows in set (0.00 sec)
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and theming of the site, as we will know exactly how much 
browser real estate would be occupied by the menu itself 
even if the content expanded rapidly. 

The remaining issues are how to add disparate links 
and whether we want to display the content in the menu 
at all. For example, we might have an error page that only 
is displayed when the content is not found. While it would 
be useful to store this in the database, displaying it in the 
menu would be rather pointless. The question is where to 





store this data? We could have a separate menu table, 
with the ID of each page and a numeric flag (0, 1) to rep- 
resent do not display in the navigation menu or include in 
the menu. We would then have to maintain 2 tables when 
content is added and removed. This could be easily ac- 
complished using MySQL triggers. Alternatively, we could 
store the page status in the relevant content tables (e.g.
news, pages) with a flag (0,1,2) to represent “do not
publish”, “publish but do not show in menu”, and “publish and




Listing 3. Creating FAQ’s table and adding status flag 


mysql> CREATE TABLE faqs LIKE news;
mysql> ALTER TABLE faqs ADD status INT DEFAULT 0 AFTER content;


Listing 4. Adding auto increment to the FAQ table 


mysql> ALTER TABLE faqs CHANGE id id INT(11) AUTO_INCREMENT;


Listing 5. Adding data to the FAQ table 


mysql> INSERT INTO faqs(id, title, heading, content,
       status, timestamp) VALUES ('',
       'FAQ 1', 'First FAQ',
       'Aenean volutpat, ligula vitae laoreet dapibus', 2, '');


Listing 6. Amending the remaining tables 

mysql> ALTER TABLE pages ADD status INT DEFAULT 0 AFTER content;
mysql> ALTER TABLE news ADD status INT DEFAULT 0 AFTER content;
mysql> ALTER TABLE pages CHANGE id id INT(11) AUTO_INCREMENT;
mysql> ALTER TABLE news CHANGE id id INT(11) AUTO_INCREMENT;


Listing 7. Our 3 table content 


mysql> (SELECT 'news' AS contenttype, id, status, title FROM news)
       UNION (SELECT 'pages' AS contenttype, id, status, title FROM pages)
       UNION (SELECT 'faqs' AS contenttype, id, status, title FROM faqs);

+-------------+----+--------+-----------------------+
| contenttype | id | status | title                 |
+-------------+----+--------+-----------------------+
| news        |  1 |      0 | My first page         |
| news        |  2 |      0 | My second page        |
| news        |  3 |      0 | Article 3 - Using CSS |
| pages       |  1 |      0 | My first page         |
| pages       |  2 |      0 | My second page        |
| faqs        |  1 |      2 | FAQ 1                 |
| faqs        |  2 |      0 | FAQ 2                 |
| faqs        |  3 |      1 | FAQ 3                 |
| faqs        |  4 |      2 | FAQ 4                 |
| faqs        |  5 |      2 | FAQ 5                 |
| faqs        |  6 |      2 | FAQ 6                 |
| faqs        |  7 |      2 | FAQ 7                 |
| faqs        |  8 |      2 | FAQ 8                 |
| faqs        |  9 |      2 | FAQ 9                 |
| faqs        | 10 |      2 | FAQ 10                |
+-------------+----+--------+-----------------------+
15 rows in set (0.00 sec)


Listing 8. Updating the news and pages status 


mysql> UPDATE news SET status = 1;
mysql> UPDATE pages SET status = 2;

mysql> (SELECT 'news' AS contenttype, id, status, title FROM news)
       UNION (SELECT 'pages' AS contenttype, id, status, title FROM pages)
       UNION (SELECT 'faqs' AS contenttype, id, status, title FROM faqs);

+-------------+----+--------+-----------------------+
| contenttype | id | status | title                 |
+-------------+----+--------+-----------------------+
| news        |  1 |      1 | My first page         |
| news        |  2 |      1 | My second page        |
| news        |  3 |      1 | Article 3 - Using CSS |
| pages       |  1 |      2 | My first page         |
| pages       |  2 |      2 | My second page        |
| faqs        |  1 |      2 | FAQ 1                 |
| faqs        |  2 |      0 | FAQ 2                 |
| faqs        |  3 |      1 | FAQ 3                 |
| faqs        |  4 |      2 | FAQ 4                 |
| faqs        |  5 |      2 | FAQ 5                 |
| faqs        |  6 |      2 | FAQ 6                 |
| faqs        |  7 |      2 | FAQ 7                 |
| faqs        |  8 |      2 | FAQ 8                 |
| faqs        |  9 |      2 | FAQ 9                 |
| faqs        | 10 |      2 | FAQ 10                |
+-------------+----+--------+-----------------------+
15 rows in set (0.00 sec)
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Figure 1. Bug in core.inc 


show in menu”. Both designs have their good and bad
points from the implementation and data integrity
viewpoint, but for the sake of simplicity, I will use the latter for
our navigation menu.

In the meantime, we have an FAQ definition in our file 
content.inc but we do not have any table data for it. We will 
now manually create the table and add 10 random FAQ en- 
tries (Listing 3-5). This will result in a new FAQ table with 
our status field. However, the ID field is not set to auto in- 
crement, so we need to change this (Listing 4). Now insert 
the data (10 entries) — replacing the title, heading and sta- 
tus (0, 1 or 2) as appropriate. We need to repeat the struc- 
tural amendments for our news and pages tables as well 
(Listing 6). Let's check what data we now have in the three 
tables (Listing 7). As we can see, the news and pages will 
not be published or displayed in the menu. Change this so 
the news items are not in the menu but published, but the 
pages are (Listing 8). Let us check in a browser if FAQ 
1, 2 and 3 are displayed. Visit http://yourserverip/faq/1 and 












Figure 2. CSS requires fix for FAQ content type 


you should get an error message “No template”. To
rectify this, create a faqs_template.inc file in /usr/home/dev/
data/templates with the following content (Listing 9).

Bug alert! If you visit http://yourserverip/faq/1 you
will find the page is not rendering correctly (Figure 1).
You will receive an error message: Notice: Undefined
index: heading in /usr/home/dev/data/templates/
faqs_template.inc on line 23. If you want to try and diagnose
the problem, have a look at core.inc and skip the next
code listing. The problem lies in the following code
snippet. To fix it, change as follows (Listing 10-11).

If you visit http://yourserverip/faq/1, you will find the
page is still not rendering correctly (Figure 2). The reason
for this is that the global CSS doesn’t know about our
FAQ content type yet, so we need to modify global.css as
follows (Listing 12). You may have to refresh or clear your
browser cache to pick this up. This should result in the





Listing 9. FAQ template 


<?php
/*
 *
 * faqs_template.inc
 * Template for our faq content type
 * For content type foo the corresponding template would be:
 * foo_template.inc
 * To display a field:


e eeneee (> theme |) Welle vom sie ldecs sGcumeca stam cio, i), 


 * To hide a field omit it from here
 * To change the rendering order, just re-order the fields
 * NOTE: Any content generated by javascript will not
 * be managed here
 * A closing ?> tag is mandatory
 *
 */
render($theme['heading']);
render($theme['content']);
?>
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Listing 10. Bad code! 


if($pos > $offset) {
    $theme[$key] = div($result[$key], $key.'-'.$id, $key);


Listing 11. Good code 


if($pos >= $offset) {
    $theme[$key] = div($result[$key], $key.'-'.$id, $key);


Listing 12. CSS to include FAQ content type 


#news, #page, #faq { 


Listing 13. Prevent non-published content showing 
$sql = "SELECT * FROM $content_type WHERE id='$id' AND status > 0 LIMIT 1";
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[Screenshot: the FAQ page showing the heading "First FAQ" and the
content "Aenean volutpat, ligula vitae laoreet dapibus"]

Figure 3. FAQ working


correctly rendered content in (Figure 3). However, if we 
visit http://yourserverip/faq/2 , we will see an FAQ page 
even though the status is 0. Modify core.inc as follows to 
fix this (Listing 13). This should now give a “No data” mes- 
sage. If you are still experiencing problems, ensure that 
the content.inc file is as follows (Listing 14). 
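
The query in Listing 13 places $content_type and $id into the SQL text directly, so it is safe only if both values were validated before they reach it. The sketch below is an added example, not code from the series, and uses Python with an in-memory SQLite database as a stand-in for the PHP/MySQL code: the same status filter, with the table name taken from an allow-list that mirrors content.inc and the id passed as a bound parameter. The function names and the sample rows are constructed for the example.

```python
import re
import sqlite3

# Content type -> table, mirroring the mapping in content.inc (Listing 14).
CONTENT_TABLES = {"page": "pages", "faq": "faqs", "news": "news"}


def demo_db():
    """In-memory stand-in for the CMS database, filled with constructed rows."""
    db = sqlite3.connect(":memory:")
    for table in CONTENT_TABLES.values():
        # Table names come from the fixed mapping above, never from a request.
        db.execute("CREATE TABLE %s (id INTEGER PRIMARY KEY, title TEXT, "
                   "status INTEGER DEFAULT 0)" % table)
    db.executemany("INSERT INTO faqs (id, title, status) VALUES (?, ?, ?)",
                   [(1, "FAQ 1", 2), (2, "FAQ 2", 0), (3, "FAQ 3", 1)])
    return db


def fetch_published(db, content_type, item_id):
    """Return (id, title, status) for a published item, or None.

    status 0 means "do not publish", so only rows with status > 0 are served.
    """
    # 1. Identifiers cannot be bound as parameters, so the table name is
    #    looked up in the allow-list; anything else is rejected outright.
    table = CONTENT_TABLES.get(content_type)
    if table is None:
        return None

    # 2. The id must be a plain decimal number before it goes anywhere.
    if not re.fullmatch(r"[0-9]{1,10}", str(item_id)):
        return None

    # 3. The value itself travels as a bound parameter, not as SQL text.
    sql = ("SELECT id, title, status FROM %s "
           "WHERE id = ? AND status > 0 LIMIT 1" % table)
    return db.execute(sql, (int(item_id),)).fetchone()


if __name__ == "__main__":
    db = demo_db()
    for ctype, ident in [("faq", "1"), ("faq", "2"), ("faq", "1x"), ("users", "1")]:
        print(ctype, ident, "->", fetch_published(db, ctype, ident))
```

In the PHP code the same two steps apply: look the table up in $content_tables and bind the id with a prepared statement.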


Building our menu 

How can we remember the filter value selected for the con- 
tent type? As HTTP is stateless, we could pass the param- 
eter to each page. This would get complex very quickly with 
multiple menus. A better solution would be to write a cookie
to the visitor's browser when the content type is filtered. To do
this we will use JavaScript, and specifically a suite of jQuery





Useful links 

• jQuery library: http://code.jquery.com/jquery-1.10.2.min.js
• jQuery cookie: https://github.com/carhartl/jquery-cookie/blob/master/jquery.cookie.js











libraries. Download jquery-1.10.2.min.js and jquery.cookie.js 
from the Jquery website. Place these files in the Javascript 
folder, then modify our source code as follows (Listing 15- 
18). When you visit http://youripaddress/faq/1, you should 
see a page similar to Figure 4. Clicking on the FAQ, News or 
Page button will raise a Javascript dialogue box. 


In the next part 

We will tie the onclick event to writing a local cookie, and 
extracting the links for the MySQL table. We will also look 
at using the Jquery library to build a multi-part menu. 


ROB SOMERVILLE 

Rob Somerville has been passionate about technology since his 
early teens. A keen advocate of open systems since the mid-eight- 
ies, he has worked in many corporate sectors including finance, 
automotive, airlines, government and media in a variety of roles 
from technical support, system administrator, developer, systems 
integrator and IT manager. He has moved on from CP/M and nixie 
tubes but keeps a soldering iron handy just in case. 





Listing 14. content.inc 


<?php
/*
 *
 * content.inc
 * Defines content types for our CMS
 *
 */

// Define the content type. This must match any tables defined in our
// CMS

$content_types[] = 'page';
$content_types[] = 'faq';
$content_types[] = 'news';

// Map each content type to a table. Each content type must be matched
// to a corresponding table

$content_tables['page'] = 'pages';
$content_tables['faq'] = 'faqs';
$content_tables['news'] = 'news';


Listing 15. header.inc include Jquery support 


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
<meta http-equiv="Content-type" content="text/html; charset=iso-8859-1" />
<link rel="stylesheet" type="text/css" href="/stylesheets/reset.css" />
<link rel="stylesheet" type="text/css" href="/stylesheets/global.css" />
<script src="/javascript/jquery-1.10.2.min.js" type="text/javascript"></script>
<script src="/javascript/jquery.cookie.js" type="text/javascript"></script>
<script src="/javascript/preload.js" type="text/javascript">
</script>
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Listing 16. core.inc 


Une Plone ENE Ame cialocice (co lmicia 


// replace all spaces between tags

if (OPTIMIZE) {
$b = preg_replace('~>\s+<~', '><', $buffer);
Pon Oe Sco haCee ie Hie Gy 9 2), 
$b = preg_replace('!\s+!', ' ', $b);
return $b;
} else {
// BUGFIX - Edition 6
return $buffer;


Listing 17. index.php — add include menu. inc 


// Menu functions
require_once INCLUDES . 'menu.inc';


Listing 18. menu.inc 


<?php
function menu($type) {

require INCLUDES . 'content.inc';

if ($type == 'navigation') {
// Build select statement for each content type
ie een 


// Omit the UNION keyword on the last item 


$offset = 1;
SGelncofoeuas = ellie (Semcon celeliss)! 3 


\7 


$sql = '';


\7 


$option = '';
foreach ($content_tables as $contenttype) {
    // Build the option for the content type
    $option .= '<button onclick="window.alert(\''.$contenttype.'\')">'.$contenttype.'</button> &nbsp;';
    $offset ++;
}

$menu = '';

$menu .= '<div class="menu-' . $type . '">';
$menu .= '<h2>' . $type . '</h2>';

Meni "<0 leap) o> - 

$menu .= $option;
$menu .= '</div>';

return $menu;


Listing 19. Menu CSS add to global.css 


.menu-navigation { 
border: 1px solid #DADADA;
padding: 10px;
Vilelien Uo 
background-color: #E5E6AD; 





ine 
COlOm Geomawo;: 


font-weight: 600; 
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Figure 4. FAQ with Javascript onclick buttons 
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CRYPTOGRAPHY 


Elliptic Curve 


Cryptography and Basic Applications in BSD OS 


Over the past century, new IT discoveries and top technologies 
have been incorporated into our daily lives. As a result, one must 
decide whether computer security is essential or superfluous. 

In these times, when the Internet allows users to communicate 
easily around the world, many people use it to trade in goods or to 
protect against intruders. That’s why cryptological techniques and 


algorithms are an essential need. 


What you will learn.. 
• Basic terms of Public Key Cryptography.
• Elliptic curves and their application to cryptographic methods.
• Foundations of Elliptic Curve Cryptography.
• Basic application of ECC public key techniques.
• Development of ECC cipher and digital signature systems for
NetBSD OS.


form better than the traditional Public Key Cryp- 

tography (PKC) algorithms such as RSA. For this 
reason, introducing a new PKC approach based on elliptic 
curves could become important in the near future because 
these methods provide better performance over the former 
ones, although they are not as good as SKC techniques. 

Although all these aspects are known by the IT users com- 
munity, the most modern cryptographic techniques, such 
as those based on public-key algorithms like RSA, DSA or 
IDEA, show great promise to harden existing systems. In 
this context, public-key algorithms based on Elliptic Curves 
Theory (ECT) will be the main focus of this article. 

Hence, the main purpose of this paper is not only to 
present the associated terms and definitions of the Elliptic 
Curves Cryptography (ECC) methods, but also to dem- 
onstrate that these techniques are a subset of the gen- 
eral public-key cryptographic methods. Due to this fact, 
it's simple to deploy and use in Unix-like systems and, in 
particular, within NetBSD. 

Just allow me a digression, as I would like to apologize
to the reader for the approach followed, which is
sometimes excessively abstract. A background knowledge of
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What you should know... 

• Basic knowledge of public key cryptographic methods.
• Basic knowledge of Abstract Mathematics, Modular Arithmetic,
Algebraic Structures, and Group/Field Theories.
• User-level background of NetBSD OS (a Unix-like OS).


the science behind the ECC methods will help you easily 
understand the topics introduced here. 


Cryptography 

Cryptography is the scientific discipline of ensuring the se- 
cret transmission of information so that it can be read only 
by the message sender and receiver. There is a need, as 
old as human history, to protect personal information and 
privacy. The first reference to this topic can be dated back 
to 1900 BC in Egypt. Currently, cryptography must meet 
four basic requirements: 


• Privacy: Nobody else apart from the sender and receiver
of a message can access the content of the message.
• Non-repudiation: This mechanism ensures the identity
of the sender.
• Authentication: Each of the participants involved in a
communication process must prove their identity.
• Integrity of information: Ensures that the content has
not been modified during transmission.


Cryptographic methods must not only protect the data 
from third parties but must also guarantee the integrity 
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of data transmitted, ensure the identities of both send- 
er and receiver and allow both of them to communicate. 
There are three types of cryptographic schemes that ful- 
fill these four requirements. According to the well-known 
terms used in the literature, we shall refer to non-ci- 
phered data as cleartext, and call encrypted data cipher- 
text. For third parties, it is common to use terms such as 
eavesdropper or man-in-the-middle. 


Cryptographical Algorithms and Types 

As explained in the previous paragraphs, the three types 
of cryptographic methods exist for two main purposes: to 
exchange information between two entities so that no- 
body else can read it and to verify that the information 
or data has not been modified during delivery. Within the 
first category, we have Symmetric Key Cryptography/Pub- 
lic Key Cryptography techniques and for the second one, 
we count on hash-functions. Let us briefly describe these 
three cryptological techniques. 


Symmetric-Key Cryptography 

For Symmetric-Key Cryptography (SKC), both sender and 
receiver share the same key to cipher and decipher (Fig- 
ure 1). 


plaintext --> ciphertext --> plaintext
Figure 1. Symmetric Key Cryptography (SKC) 


That means SKC involves two people using the same 
(private) key for both encrypting and decrypting informa- 
tion. Because SKC uses a single key, algorithms based 
on this approach are faster than PKC and are easier to 
implement. However, the main weakness of SKC relies 
on the fact that before starting secure communication, 
both parties need to have a copy of the shared key. Under 
some circumstances, that can be impossible. 


Public-Key Cryptography 

In Public-Key Cryptography (PKC), a pair of different
keys is used. These keys are designated as public
and private, depending on their usage (Figure 2).


plaintext --> ciphertext --> plaintext


Figure 2. Public Key Cryptography (PKC) 


In contrast to the SKC approach, using Public Key Cryp- 
tography (PKC) algorithms does not require that the public 
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key remain secure, and it does not matter at all if anybody 
other than the two parties in the secure communication pro- 
cess knows it. In fact, it is possible to go further by using 
both PKC and SKC for secure communications. In this way, 
two people create a secure channel by using PKC and then 
they can share a key so they can use SKC for further com- 
munication. This mixed approach takes advantage of the 
best of both worlds: performance and security. 


Hash Functions 
Hash functions (Digests), also known as one-way func- 
tions, map a value to a message. In this schema, the con- 
cept of key makes no sense as the purpose of these func- 
tions is not to recover the message but to ensure that the 
contents of the message have not been altered. 

These functions must exhibit a basic property: any mod- 
ifications in the message produce high variations in the 
final numeric result (Figure 3). 


hash function 
plaintext ————————— ciphertext 


Figure 3. Hash Functions (Digest functions) 


Categories of Cryptographic Algorithms 

The reason that three different categories of cryptograph- 
ic algorithms have been developed is motivated by their 
final applications. Hence, while hash functions have been 
created to ensure referential integrity of data, SKC was 
conceived for message ciphering and PKC plays an im- 
portant role in user authentication by means of the users’ 
keys exchange. 

Ultimately, SKC shows a higher performance than PKC 
algorithms as the latter takes three times longer to ex- 
ecute in comparison with SKC. As we explained in the 
introduction, this will be the motivation to look for better 
performance PKC algorithms. 

As explained in the previous section, SKC algorithms 
like DES and its variants 3DES, use a unique key to en- 
crypt and decrypt a message. Although this approach is 
easier to implement, there’s a handicap since before start- 
ing secure communications between two partners, both 
of them must have a copy of this key. Moreover, this key 
must be kept secret between the two participants so that 
a third party can't access the contents of the message. 

Although the use of SKC algorithms implies better perfor- 
mance, the price to pay is the inherent risk when two par- 
ties must share the same key and are usually not in touch. 

PKC algorithms are based upon the existence of a pair 
of complementary keys, named public and private key: 
the use of one of them is undone by using the other one. 
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The difference between the public and the private key is 
merely a matter of usage, as both keys are implemented 
as nothing more than integers from a mathematical point 
of view. Computers represent these integer numbers as 
strings. 

In contrast to SKC algorithms, PKC algorithms allow 
us to bypass the requirement of SKC that two actors 
must share the same key. The tradeoff in this case is the 
performance we would get by using SKC. Hence it is a 
matter of compromise to make the right decision about 
which to use. 

Also known as one-way cryptography, Hash functions 
are based on the existence of the inverse mapping for a 
map that associates a message/file with an integer num- 
ber or message digest. These hash mappings have two 
essential properties for security applications: 


• A small modification in the message produces a
noticeable change in the final digest.
• The calculus of the inverse of this function or mapping
is very difficult, making it almost impossible to recover
the original message starting from the digest of it.


These algorithms are widely used to check the integrity 
of the transmitted data. Some known examples are the 
Message Digest (MD) algorithms such as MD2; MD4, 
used to encrypt passwords in MS Windows; and MD5, 
developed to eliminate MD4 weaknesses. 

An example of the use for each schema explained 
above is given in Figure 4. 


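[Diagram labels: (Person A) Private Key, (Person A) Message,
Session Key, (Person B) Public Key; Digital signature, Digital
Envelope, Encrypted message, Encrypted session key; Message sent
to person B]

Figure 4. Application for SKC, PKC schemas and hash (digest) functions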
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Up until now, the mathematical tools used to develop
new cryptographic techniques were based on Modular
Arithmetic, and it is precisely this discipline that serves as
the starting point for a new approach to PKC methods,
provided by Algebraic Geometry and materialized
in some special functions termed Elliptic Curves. PKC
based on elliptic curves is known as Elliptic Curve
Cryptography (ECC).


Elliptic Curve Cryptography (ECC) 

In 1985, Elliptic Curve Cryptography (ECC) was pro- 
posed by Victor Miller of IBM and Neal Koblitz of Wash- 
ington University as an alternative to the public key algo- 
rithms based on modular arithmetic and the factoring of 
big primes as a way of obtaining more robust and less 
computationally demanding algorithms. Elliptical cryptog- 
raphy is based on the resolution of the problem of discrete 
logarithm of the curve. However, before going deeply into 
these concepts, we need to let go of our mathematical 
prejudices and start thinking abstractly. 


Groups Theory and Modular Arithmetic 

Keep in mind before reading the following sections that 
we will not deal with numbers but with abstract entities. A 
group is nothing more than an algebraic structure defined 
on a set G whose elements are points. 

Since the elements of a set are points — it is possible to 
invent operations that associate a couple of points of the 
above mentioned set with the third one of the same set, 
which is known in Mathematics as an internal operation, 


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which is nothing more than one which associates at every 
pair of points of G another point of the same set endowed 
with the following properties: 


• Associativity
• Unit element
• Inverse element


Furthermore, if the commutative property also holds,
we say that (G, +) has the structure of an abelian
group. Let’s think about one of these sets, because we
will use it hereinafter. It also shows the usefulness of another
concept that is studied in Elementary Mathematics, usually
without any explanation of how to profit from it: the
relations of equivalence, which allow us to establish classes
of equivalence in the above mentioned set. Let’s take the
whole numbers; let’s choose a non-negative whole
number, m, and establish a relation of equivalence:


x Ry if and only if (x-y) mod m=0 


That means two integer numbers are related, if when we 
divide its difference by m, the remainder is equal to 0. In 
this way, we could have the following equivalence classes: 


[O]={0, m, 2m, 3m, 4m} 
[1]={1, mt+1,2mt+1,3m+l, ... } 
[m= Li= {maL, 2Zimeal) > simal)> «<4 


That is to say, we have moved from a set Z with infinite el- 
ements to another one consistent of the resultant class- 
es of equivalence of introducing the previous relation that 
besides turns out to be finite. The above mentioned set 
named zn and its elements are [0], [1]... [m 1]. Let’s define 
now a “sum” operation that acts on two of these classes of 
equivalence, associating the third one of the following form: 


. (i+j-k) mod m = 0) 


Figure 5. Elliptic curves with coefficients a, b real


At first glance, these concepts seem to be somewhat
obscure and complex, yet this operation on the set Z_m is
the basis of most public-key algorithms, such as
Diffie-Hellman, DSA and RSA, and it is going to be the
starting point for the public-key algorithms based on the
Theory of Elliptic Curves: the algorithms which lead to ECC.

Elliptic curves were originally introduced by the German
mathematician Bernhard Riemann in the 19th century, and
they combine both Number Theory and Algebraic Geometry.
From this point of view, an elliptic curve is nothing
more than the set of points obeying a 3rd degree polynomial
equation:


y^2 = x^3 + ax + b


The shape of these curves depends on the choice of
the parameters a and b, as can be seen in Figure 5.

These curves have an interesting property: small
variations in the parameters a and b produce big variations
in the points of the above-mentioned curve. Let’s define an
operation on one of these curves.

We might ask which is the natural number n such that
the point Q = nP; this is the ECDL problem. The
foundation of the ECC algorithms lies in the fact
that a person can know the points P and Q, but determining
the number n is intrinsically difficult from a
computational point of view.

Translating these roles into the traditional terms of
IT security, we have two entities acting as our PKC keys:


* Point Q: ECC public key
* Integer n: ECC private key


In summary, we have defined all the elements required to
make up a public-key algorithm based on EC theory,
which is very different from those based on pure
modular arithmetic that try to exploit big prime numbers,
such as RSA or DSA. These ECC algorithms provide
the same level of security while using smaller key sizes
than their predecessors, as shown in Table 1.


Table 1. Key size comparison between RSA and ECC algorithms


Key bits RSA | Decrypt Time (MIPS Years) | Key bits ECC | Key bits rate between RSA / ECC
512          | 10^4                      | 106          | 5:1
768          | 10^8                      | 132          | 6:1
1024         | 10^11                     | 160          | 7:1
2048         | 10^20                     | 210          | 10:1
21000        | 10^78                     | 600          | 35:1

As ECC key sizes are significantly smaller than those
for RSA, the performance of ECC methods is higher,
resulting in better response time as well as less memory and
network bandwidth consumption. ECC is much more efficient
than RSA for signing and decryption, but in return it is
slower for signature verification and encryption; even so,
for applications in which scarce memory, bandwidth, or
computing power (MIPS) is the priority, ECC would be the
reasonable algorithm; for example, in the case of embedded
systems.


Elliptic Curves. A Brief Introduction 

We are going to give a quick introduction to one of the
most exciting topics of pure mathematics: the algebraic
theory of elliptic curves, which are nothing more than
algebraic expressions. Let a and b be integer numbers and
consider the equation:


y^2 = x^3 + ax + b


Let's suppose for a moment that, instead of using real
numbers for the above-mentioned parameters a and b (as was
shown in Figure 5), we assume that these parameters belong
to a set Z_p = {[0], [1], [2], ..., [p-1]}, such as has been
defined in the previous paragraphs, with p being a prime
number (that is, divisible only by itself and one), on
which we define an operation (mod p) of the following form:


x (mod p) = remainder of the integer division of x by p


Let Z_p be the set of elements x (mod p). Now we can
focus our attention on the family of elliptic curves:


y^2 = x^3 + ax + b


where a, b belong to the set Z_p already defined and
these two parameters meet the following relationship:

4a^3 + 27b^2 != 0 (mod p)

Also, we need another special point placed at infinity
that we name O. It is feasible to define an internal
operation “+” which maps two points P, Q on this curve
to a third one R also belonging to it and, what is more, it
is amazing that this new operation we have just created
satisfies these three well-known properties:


* Unit Element: P + O = O + P = P
* Inverse Element: For every point P there exists a point Q
such that P + Q = Q + P = O
* Associativity: Given three points P, Q and R, the
equation (P + Q) + R = P + (Q + R) holds


A set of points provided with a sum operation that
satisfies these three properties is said to possess the
algebraic structure of a group; if, besides, it satisfies
the commutative property, meaning that for any pair of
points P, Q it holds that P + Q = Q + P, the above-mentioned
group is said to be commutative or abelian.
With this we have set out all the formal elements for the
definition and development of cryptographic algorithms by
means of elliptic curves, or ECC.


From Points to Numbers 
Let’s define a “sum-like” operation on points of an elliptic
curve with coefficients defined on Z_m of the following form.
Let P and Q be two points characterized by their
coordinates in Z_m x Z_m: P = (x1, y1), Q = (x2, y2).
The above-mentioned sum operation associates
with the point R = P + Q the coordinates (x3, y3), calculated
in the form indicated below:


x3 = λ^2 - x1 - x2
y3 = λ (x1 - x3) - y1


where λ is equal to:
λ = (y2 - y1) / (x2 - x1) if P != Q
and also:

λ = (3 x1^2 + a) / (2 y1) if P = Q


The second case gives the coordinates for 2P. Now
comes the moment to go from the abstract (the points) to
the concrete (the coordinates), in accordance with the
previous definition of sum which, evidently, has nothing
to do with the sum operation that the reader intuitively
knows. Consider the elliptic curve:


y^2 = x^3 + x + 1


defined over Z_23 = {0, 1, 2, ..., 22}. The points placed on
this curve will also have coordinates in Z_23, and they form
a finite set of 27 points, listed in Table 2; the number of
these points is finite due to our choice. This fact is very
important, as computers are not able to work with infinite
sets. Let P and Q be two points of our curve:


P = (3, 10)
Q = (9, 7)
Table 2. Points over y^2 = x^3 + x + 1 defined on the finite group Z_23


(0,1)    (0,22)   (1,7)    (1,16)
(3,10)   (3,13)   (4,0)    (5,4)
(5,19)   (6,4)    (6,19)   (7,11)
(7,12)   (9,7)    (9,16)   (11,3)
(11,20)  (12,4)   (12,19)  (13,7)
(13,16)  (17,3)   (17,20)  (18,3)
(18,20)  (19,5)   (19,18)


Applying the previous formula, we see that P + Q = (x3, y3)
is determined by doing the mathematical operations
described here:


λ = 11, which belongs to Z_23
x3 = -6 = 17 (mod 23)
y3 = 20 (mod 23)


then P + Q gives, as a result, the point with coordinates
(17, 20) placed on this curve. Once the main characteristics
of the finite groups underlying elliptic curves have been
analysed, it is possible to start with the concepts used for
PKC based on such abstract entities. For ECC systems,
there are three different approaches:


* Schema ECC Diffie-Hellman, based on the Diffie-Hellman
(1976) algorithm.
* Schema ECDSA, based on DSA or Digital Signature
Algorithm.
* Schema ECMQV, based on the MQV approach.


Most importantly, the reason why it is possible to use
these abstract entities in public-key cryptography is that
the security level of the ECDSA algorithms rests on
the intrinsic difficulty of solving the discrete logarithm
problem for elliptic curves (ECDLP) by means of brute-force
attacks. This problem consists of determining, given
a curve E over Z_p, the integer k with 0 <= k <= n-1
such that Q = kP, whenever this number exists.

In order to avoid the proliferation of advanced topics 
and the subsequent overload for readers, we are going to 
focus now on ECDSA schemas and their application for 
cryptographic techniques in BSD OS, with a special em- 
phasis on cipher and digital signature applications. 


ECDSA Algorithm: A brief Introduction 

ECDSA proposes a slightly analogous algorithm to DSA in
which, rather than working with the set Z_p = {0, 1, 2, ..., p-1},
the points on an elliptic curve with parameters a, b in
Z_p are used instead.
Depending on the final use, the ECDSA algorithm can be
divided into two classes: one for cipher and the other one
for signature generation. We discuss each of these classes
separately.


Public/Private Keys Generation for ECDSA 
The process of key pair generation for ECDSA is based
on the procedure detailed below:


* Choose an elliptic curve E defined over a set of integers
mod p, Z_p. The number of points of the curve shall
be divisible by a positive prime integer n.
* Select a point P on the elliptic curve whose order is
n; that means, a point such that nP = O.
* Select an integer d within the interval {1, 2, ..., n-1}.
* Calculate the point Q = dP.


As a result, we get a pair of keys in which:


* Public Key is the set of values (E, P, n, Q)
* Private Key is the integer d, which belongs to the set
{1, 2, ..., n-1}


Let us now study the three schemas for cryptography we
introduced before and their application to the basic
problems in cryptography, such as the cipher of messages
and digital signature generation and verification. These
schemas can be extended to ECC algorithms and, in
particular, to ECDSA algorithms.


Digital Signature Generation and Verification (ECDSA)

The ECDSA proposal for obtaining the digital signature of a
message is summarised in the 6-step procedure below:


* Choose an integer number k belonging to the set
{1, 2, ..., n-1}.
* Calculate kP = (x_1, y_1), and then set r = x_1 mod n.
* If r = 0, go to step 1, because if r = 0, the equation
s = k^{-1}[h(m) + dr] mod n will not contain the private
key d, and a valid d is required.
* Calculate k^{-1} mod n.
* Calculate s = k^{-1}[h(m) + dr] mod n, where h is the
resulting value provided by the SHA-1 algorithm.
* If s = 0, go to step 1, to ensure the existence of an
inverse s^{-1}.


In the end, a digital signature, according to ECDSA, is
nothing more than the pair of positive integers (r, s).

To verify a signature provided by ECDSA, the process
consists of four sequential steps:

* Get a copy of the signer's public key (E, P, n, Q) and
verify that the values r and s of the signature (r, s)
are integers in the set {1, ..., n-1}.
* Calculate w = s^{-1} mod n and h(m).
* Calculate u_1 = h(m)w mod n and u_2 = rw mod n.
* Calculate u_1 P + u_2 Q = (x_0, y_0) and v = x_0 mod n.


In this way, a digital signature will be valid whenever v = r
holds. Thus, we have a simple description of the
possibilities of ECC to act as a replacement for traditional
PKC algorithms.
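
The point addition formulas, the key generation procedure and the ECDSA signing and verification steps described above can be followed end to end on the article's own toy curve y^2 = x^3 + x + 1 over Z_23. This Python code is an added example, not code from the article or from SPG; the base point G = 4·(3, 10) = (17, 3) of prime order n = 7 and all function names are choices made for this illustration, and a group this small offers no security.

```python
import hashlib
import secrets

# The article's toy curve: y^2 = x^3 + x + 1 over Z_23 (a = 1, b = 1).
P_MOD, A, B = 23, 1, 1
O = None                     # point at infinity, the unit element
# Assumption for this demo: G = 4 * (3, 10) = (17, 3), of prime order N = 7.
G, N = (17, 3), 7

def on_curve(pt):
    if pt is O:
        return True
    x, y = pt
    return (y * y - (x ** 3 + A * x + B)) % P_MOD == 0

def points():
    """All affine points; the article's Table 2 lists 27 of them."""
    return [(x, y) for x in range(P_MOD) for y in range(P_MOD)
            if on_curve((x, y))]

def add(p1, p2):
    """Group law with the article's lambda formulas, all mod p."""
    if p1 is O:
        return p2
    if p2 is O:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return O             # P + (-P) = O (also doubling when y = 0)
    if p1 == p2:             # lambda = (3*x1^2 + a) / (2*y1)
        lam = (3 * x1 * x1 + A) * pow(2 * y1 % P_MOD, -1, P_MOD)
    else:                    # lambda = (y2 - y1) / (x2 - x1)
        lam = (y2 - y1) * pow((x2 - x1) % P_MOD, -1, P_MOD)
    x3 = (lam * lam - x1 - x2) % P_MOD
    y3 = (lam * (x1 - x3) - y1) % P_MOD
    return (x3, y3)

def mul(k, pt):
    """Scalar multiple kP by double-and-add."""
    acc = O
    while k > 0:
        if k & 1:
            acc = add(acc, pt)
        pt = add(pt, pt)
        k >>= 1
    return acc

def ecdlp_bruteforce(q):
    """Find n with Q = nG by trying every n; feasible only because N = 7."""
    return next(n for n in range(1, N) if mul(n, G) == q)

def h_int(msg):
    return int.from_bytes(hashlib.sha1(msg).digest(), "big") % N

def sign_with_k(h, d, k):
    """One pass of the signing steps; None means 'go back to step 1'."""
    r = mul(k, G)[0] % N     # k is in {1..N-1}, so kG is never O
    if r == 0:
        return None
    s = pow(k, -1, N) * (h + d * r) % N
    return (r, s) if s != 0 else None

def sign(msg, d):
    while True:              # fresh random k for every attempt
        sig = sign_with_k(h_int(msg), d, secrets.randbelow(N - 1) + 1)
        if sig is not None:
            return sig

def verify_h(h, sig, q):
    r, s = sig
    if not (1 <= r < N and 1 <= s < N):
        return False
    w = pow(s, -1, N)
    pt = add(mul(h * w % N, G), mul(r * w % N, q))   # u_1*G + u_2*Q
    return pt is not O and pt[0] % N == r

def verify(msg, sig, q):
    return verify_h(h_int(msg), sig, q)
```

With private key d = 3 (public key Q = 3G = (5, 4)), hash value 4 and k = 2, the signing steps give (r, s) = (6, 4); hash value 3 with the same k gives s = 0, which is the case that sends the signer back to step 1.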


Practical Applications, Small Privacy Guard (SPG) 
Released in April 2009, version 0.3.1 of Small Privacy
Guard (SPG) is an application based on ECC cryptography
that can be used not only for the encryption and
decryption of messages but also for digital signatures. SPG
is an alternative to Pretty Good Privacy (PGP) by P.
Zimmermann, developed from 1991, and to Open Source
versions like OpenPGP and GnuPG.

This application is freely available at the URL
http://spg.sourceforge.net in the form of source code under
the terms of the Lesser General Public License version
2.0 (LGPLv2) for download. Unlike PGP, the keys are not
linked to email addresses or user names.

The power of this application, as of any product that
supports ECC cryptography, is based on the number and
complexity of the implemented elliptic curves. In the case
described in this article, SPG has 11 such curves:


* secp112r1
* secp112r2
* secp128r1
* secp128r2
* secp160r1
* secp160r2
* secp192r1
* secp224r1
* secp256r1
* secp384r1
* secp521r1


whose key sizes vary from 112 to 521 bytes. 

The reader acquainted with GPG will not have a prob- 
lem in adapting SPG as an alternative tool in cryptograph- 
ic applications in Unix-like systems such as NetBSD. To 
start with the installation process, the following require- 
ments must be satisfied: 


* OpenSSL development libraries.
* gcrypt development libraries.




For NetBSD distributions, the installation process is
automated thanks to the pkgsrc system, thus there is no need
to install utilities such as OpenSSL and gcrypt. Otherwise,
these libraries should be installed before downloading
the source code for the SPG application. If you want




Listing 1. Standard test cases provided by SPG application


$ make tests
INFO: File encrypted
Message encrypted ok
######### secp521r1 decrypting data #################
INFO: File decrypted successfully
Message decrypted ok
INFO: File decrypted successfully
Message decrypted ok
ALL TESTS PASSED


Listing 2. Test cases execution for SPG application 
G@Cto Geo Wa line O72 eeu yecne 

GCC t= i= Nannies Os 6 se Ce 1c 

jee 9 “Wa MES OZ) © nce poumt ce 

Gee. —¢ Nal —O2 Comat mc 

jec=¢ =“Walll--02--cultils.c 

Gece >= Go) Wali -O2) cs Me eupner ac 








gee =o. -Walll--02 —-e help ie 

JCC sO sO CUEVes OneCe Ore e Orne Ola ,O mire 70) 
S/Mecl eer Oiele Om lem yOle OlmEcaGe a ss ea heiayore 
“done” 


echo 


Gp useG tests) G4 Cdetesus 66.7) bests. sit 


Listing 3. SPG application usage and options 


Use: spg commands [options] [file ...] 
Commands are: 

=6 ==Ge0 key Getieceue Delivers Ike 

-X --xport eXport public key from private key 
-S --Sign Generate message signature 

-v --verify Verify message signature 

Sear Seine Oe Mee yee 

-d --decrypt Decrypt 

a aiciee Weve c ims me np enc mneGme tienes 
-h --help Print help and exit 

Options are: 

-c --curve Use this curve 

Si Seno emo easel 

=O) =-OUILPU Oureue ule 


-V --verbose Be loud 


=— =I ng Print Lime Spence eCompuuing ce algorithms 
to perform an installation from the source, uncompress
the downloaded file and start the build process by issuing
the commands:


$ tar zxvf spg.tar.gz && cd spg
$ make all


It is recommended to execute the tests in order to check
that the application works properly (see Listing 1). To test
SPG, execute the command and verify that all proposed tests
pass successfully. Once this step is finished, it is time to
take the first steps with ECC cryptography by means of SPG,
examining its use and features for key generation,
encryption and decryption, as well as digital signature
management, which were introduced for the ECDSA algorithm
(Listing 2). The SPG application uses a command-line
interface (CLI) that accepts the commands and options shown
in Listing 3. Finally, we are going to analyse SPG within
the three basic processes of Digital Cryptography.


ECC Key Generation for SPG 

All processes based on ECC shall use one of the 11 elliptic
curves currently implemented in SPG 0.3.1. To generate a
pair of keys using, for instance, the curve secp521r1, which
provides the strongest security level, the command is:


$ spg -g -c secp521r1 -o ecc.key


This command stores the private key in an ASCII file
ecc.key (see Listing 4). Once our private key has been
generated, its complementary public key is obtained
by means of the command:


$ spg -x -k ecc.key -o ecc_pub.key


which stores it in the file ecc_pub.key, whose contents
are reproduced below. Notice that the elliptic curve does
not need to be specified again once the private key has
been generated (Listing 5).

In this way, we have already the necessary elements to 
develop the most common applications for cryptography. 
The only thing left to do is to assign each pair of keys to 
a specific user. 


Crypt/Decrypt with SPG 

Using the public key we created in the previous section,
we can encrypt a single file, let's say myfile.c, into
one with the extension .enc as shown below:


$ spg -e -k ecc_pub.key myfile.c
INFO: File encrypted


Before decrypting the file, rename it in order to delete
the .enc extension:


$ file myfile.c*
myfile.c: ASCII English text
myfile.c.enc: data


The decryption process is quite similar; just swap the
public and private ECC keys:


$ spg -d -k ecc.key -o myfile.c myfile.c.enc
INFO: File decrypted successfully


The procedures concerning SPG installation and ba- 
sic operations can be applied to a wide variety of Unix 
systems and not only for our target BSD OS in a very 
straightforward way. 





Listing 4. ECC Private Key based on elliptical curve secp521r1 


Digital Signature and Verification (ECC) with SPG
To conclude with the ECC applications provided by the SPG
application, we describe the use of digital signatures for
files and their subsequent verification. Let us take as an
example the file message.txt, whose contents may be found in
Listing 6.

By using our private key, the process to get a digital
signature associated with this file is given by the command:


$ spg -s -k ecc.key -o signature message.txt


The resulting ECC-based digital signature is shown in
Listing 7.

Obviously, to check that the file has not been altered,
you have to use the public key provided by SPG by typing
the command:





Listing 6. Contents of message.txt file 


$ cat message.txt
Recuerde el alma dormida,
avive el seso y recuerde
contemplando:
Como se pasa la vida,
cómo se viene la muerte
tan callando.


Listing 7. Digital signature for message.txt 


$ cat signature


TdcmNXyWFQ4RRZ4VeuAc7siaJDUT/ fJT10+aZkLOmpx133Ze 


Listing 8. Generating a key


# ssh-keygen -t ecdsa
Generating public/private ecdsa key pair.
Enter file in which to save the key (/root/.ssh/id_ecdsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /root/.ssh/id_ecdsa.
Your public key has been saved in /root/.ssh/id_ecdsa.pub.
The key fingerprint is:


Listing 9. The key’s randomart image

$ spg -v -k ecc_pub.key -i signature message.txt
INFO: Signature is valid


With this we finish the study of application examples
for SPG, which illustrate the application of
ECDSA algorithms in Unix-like systems.


Another useful application: OpenSSH and ECC Usage

Although there is no reason to fear possible
weaknesses in RSA/DSA methods, ECC may provide
an additional method to generate public/private
keys. Likewise, with ECC and ECDSA support there
is a different system available, which avoids the
existence of a single point of failure in case a
security breach occurs.

As NetBSD 6.0 incorporates OpenSSH 5.9 together
with ECDSA support and OpenSSL 1.0.1c by default,
the generation of a pair of user keys follows the
same procedure used for RSA/DSA keys, with no need
for additional recompilation of the OpenSSH
utilities (Listing 8).

The key’s randomart image is shown in Listing 9.

As you can see, the use of ECC methods for 
SSH authentication is really straightforward and 
there is no additional effort to generate alterna- 
tive authentication based on elliptic curve crypto- 
graphical methods. 


ECC and Current Standards 

It is necessary to digress a bit and introduce some
concepts on the standardization of these algorithms,
which promotes interoperability and facilitates the
use of technologies currently in use. Standards for
ECC are currently being prepared by some
international organizations:

ECC algorithms are being standardised by the
American National Standards Institute (ANSI),
more precisely by the ASC X9 (Financial Services)
working group, in two documents: ANSI X9.62, The
Elliptic Curve Digital Signature Algorithm (ECDSA),
and ANSI X9.63, Elliptic Curve Key Agreement and
Transport Protocols. Additionally, elliptic curves have
also been introduced into the specifications for PKC
algorithms.

On the other hand, the Internet Engineering Task Force
(IETF) describes a modified protocol to accept/reject keys
which is a variant of the Diffie-Hellman algorithm using ECC.

The International Standards Organisation (ISO) is working
on Appendix 3 included in ISO/IEC 14888: Digital signature
with appendix, which is mainly devoted to
certificate-based mechanisms. These mechanisms also
support ECC.

The Asynchronous Transfer Mode (ATM) Forum Technical
Committee’s Phase I ATM Security Specification draft
document tries to introduce new mechanisms to reinforce
ATM network security, by providing the necessary support
for a wide variety of public-key algorithms such as RSA,
DSA, and indeed ECDSA.

To sum up, it is clear that the family of ECC algorithms 
are serious candidates to replace the traditional PKC al- 
gorithms used in the industrial, financial, and science sec- 
tors in cases where a better performance at the same se- 
curity level is required. 


Conclusion 

As indicated in the introduction, the technologies of digital 
cryptography, in general and especially those related to 
Public Key methods, are based on a family of mathemati- 
cal problems represented by abstract elements and enti- 
ties that only can be clearly understood by using higher 
mathematics. 

Concretely, the main advantage of the ECC algorithms
arises from their low resource requirements when
performing encryption, decryption, signature and
signature-checking operations, as well as from their total
independence of the platform and, most importantly, the
public availability of the algorithms, which are in the
phase of adoption by the most important international
standardization agencies.

The ECC algorithms provide, as explained in this article,
the highest degree of protection with the smallest key
size in comparison with the public key algorithms used at
present. With a 160-bit modulus, an ECC algorithm such as
ECDSA offers the same level of security as DSA/RSA with a
1024-bit modulus. Working with small keys saves bandwidth,
involves smaller digital certificates, and leads to quicker
algorithm implementations with lower resource consumption
and hardware requirements.

For those readers interested in a more in-depth study 
of elliptic curves, I recommend the latest book by Avner
Ash and Robert Gross, “Elliptic Tales: Curves, Counting 
and Number Theory”, which describes the latest devel- 